El Salvador denies responsibility for hacking journalists after report finds Pegasus spyware on their phones

The denial comes after a “The authorities must stop any efforts to restrict freedom of expression and conduct a thorough and impartial investigation to identify those responsible,” Guevara-Rosas said.Julia Gavarrete was one of the El Faro journalists whose phone was hacked. She said that she was at a government press conference in 2020 when someone broke into her apartment and stole her computer and a few belongings. She speculates that it might have something to do with the hacking. “You can feel fear, but at the end, you know that you are doing things that are correct and you can not give them the power to control your life,” Gavarrete told CNN.Gavarrete said while she cannot directly prove that the government is responsible for the attacks, the timings of the attacks were conspicuous because they seemed to line up neatly with stories she and her colleagues were pursuing at the time that could prove damaging to the government.Government denies spying President Nayib Bukele’s administration has rejected the claim that it was behind the hacking.”The government of El Salvador doesn’t have the resources nor the licenses to utilize this type of software,” Sofía Medina, Bukele’s communication secretary said in a statement. Medina said that the government is not connected to the use of Pegasus software, nor to the company that created it, an Israeli company called NSO Group.Medina added that in November, she received an alert from Apple — as did others in the government — about a possible hack into her cell phone. “We have indications that members of the government were also victims of these attacks,” said Medina, adding that the government is already investigating the use of Pegasus and other systems to hack cell phones in the country.CNN has asked the NSO Group for comment on the findings of the new investigation, but has not yet received a direct response.In a statement, the company said its systems were not currently active in El Salvador but promised an investigation once it receives the telephone numbers of those phones that had allegedly been hacked to determine if there had been past misuse of its systems.NSO Group said that it only provides software and that it doesn’t actively operate the technology — nor does it have access to the data is subsequently collects. The company added that the use of its cybersecurity tools to monitor dissidents, activists and journalists is a serious misuse of that technology. On its website, NSO Group says that it only seeks clients who will use their product for the “legal and necessary needs of prevention and investigation of terrorism and other grave crimes.”NSO Group says for that reason, it only grants licenses to those government intelligence and law enforcement agencies following what it calls a process of investigation and licensing by the Israeli Ministry of Defense.Responding to past allegations of misuse of its products, NSO Group told CNN in an email statement: “We regret to see, time and time again, how the name of our company is mentioned in news that has nothing to do with NSO, directly or indirectly.”El Salvador is one of 25 countries who governments had acquired surveillance systems from Circles, a company affiliated with NSO Group, according to a study published in December of 2020 by Citizen Lab.According to that report, the system began operating in 2017 during a previous administration. CNN attempted to reach the then Vice President Óscar Ortiz about those claims, but a request for comment was not answered.David von Blohn and CNN’s Hande Atay Alam contributed to this report.