Anti-Orbán news site’s publisher came under surveillance when his contract with an opposition party was revealed

2021. September 13.

Pegasus Surveillance

Páva’s smartphone was hacked with the cyberweapon developed by Israeli company NSO on March 16, the very day when it became public information that opposition party Democratic Coalition signed a contract with his company for social media consulting.

Newly emerged information suggests that Zoltán Páva, a media company owner linked to Hungary’s opposition, may have been surveilled with the Pegasus spyware because another firm led by him was contracted by opposition party Democratic Coalition (DK).

Páva’s smartphone was hacked with the cyberweapon developed by Israeli company NSO on March 16, the very day when it became public information that a company called EagleEye-Marketing Kft. had signed a contract with DK’s parliamentary faction for social media consulting. On behalf of the company, the signatory of the contract was Zoltán Páva.

Direkt36 reported last Wednesday that Zoltán Páva, a former politician of the Hungarian Socialist Party (MSZP) who is currently the publisher of the anti-government news site Ezalenyeg.hu (Ez a lényeg means “this is the point”), was under surveillance this spring. Traces of Pegasus on Páva’s smartphone have been found by security experts from two organizations, human rights group Amnesty International and Canada-based Citizen Lab. According to forensics analyses, the spyware was present on his device between March 16 and 24, as well as between May 23 and 27 this year.

Páva previously told Direkt36 that he did not understand why he had been under observation during this period, as nothing special had happened to him at that time. He recalled that he had started to show symptoms of Covid-19 on March 16th, which is why he only attended a few less significant online discussions in the following weeks.

The contract with DK did not appear to him as a possible reason for his surveillance because it had already been signed at the end of the previous year and his company began work on 1st of January. However, Páva was not aware that details of the contract were only published on the parliament’s website on March 16th.

Help us tell the truth in Hungary! Become a supporter of Direkt36!

DK party director László Sebián-Petrovszki told Direkt36 that information on the contract was posted on the parliament’s website much later because this was only possible when the Office of the Parliament completed the book-keeping for the previous year. “This always takes the first months of the year,” the party director explained. He added that each faction is in charge of uploading their own contract data.

Páva’s phone was hacked on March 16 at 11:52 a.m. according to the forensic analyses. Sebián-Petrovszki could not say exactly when their colleague uploaded the contract data of EagleEye-Marketing Kft. We asked the Press Office of the Parliament if they had information on the exact upload time of the data, but they did not respond to our questions.

Sebián-Petrovszki said that it has been clear for his party that the pro-government media is following the social media activities of DK and other opposition parties with great interest. “These topics are constantly recurring panels in the right-wing press,” he added.

The contract concluded with EagleEye-Marketing Kft. also attracted the attention of government propaganda. Just a day after the upload of the contract , on March 17, pro-government news site Origo already published an article about it, emphasizing that Zoltán Páva, who runs the contracted company, is also the publisher of Ezalenyeg.hu, a site criticizing the government.

In July, a team of international journalists published stories as part of the Pegasus Project, which was based on a database of 50,000 phone numbers selected for monitoring by NSO customers. Forbidden Stories and Amnesty International had access to the database, which they shared with 16 other news organizations, including The Washington Post, the Süddeutsche Zeitung and The Guardian. From Hungary, Direkt36 was the only participant.

Páva’s phone number was not on the leaked list, but the reason for that is presumably that the database may have leaked even before he became a target. Direkt36 has no information on when exactly the database was leaked, but the in the spring of 2021, the international collaboration was already underway.

Evidence gathered so far strongly suggests that Hungarian state actors are behind the use of Pegasus in Hungary. A security officer formerly with one of Hungary’s intelligence services told Direkt36 that, according to his knowledge, Hungarian services started using Pegasus in 2018 as a direct result of strengthening ties between Israel and Hungary. A former NSO employee also confirmed to one of the project’s partners that Hungary indeed procured the Pegasus software. The Hungarian government has not denied that they use Pegasus, nor did they deny the surveillance of the people Direkt36 has reported on.

The government did not respond to questions about the surveillance of Zoltán Páva.Now we sent additional questions concerning the connection to opposition party DK, but did not receive a reply.

  • Szabolcs Panyi

    Szabolcs graduated from Eötvös Loránd University where he studied Hungarian language and literature. Between 2013 and 2018, he was an editor and political reporter at Index.hu. At Arizona State University, he studied investigative journalism on a Fulbright Fellowship in 2017-2018. In the fall of 2018, he joined Direkt36, where he mainly works on stories related to national security and foreign policy. Meanwhile, he helped launch VSquare.org, a Warsaw-based cross-border investigative journalism initiative for the Visegrád region, where he is currently leading the Central Eastern European investigations. He received the Quality Journalism Award and the Transparency-Soma Award four times each, and he was also shortlisted for the European Press Prize in 2018 and 2021.

  • András Pethő

    András is a co-founder, editor and executive director of Direkt36. Previously, he was a senior editor for leading Hungarian news site Origo before it had been transformed into the government’s propaganda outlet. He also worked for the BBC World Service in London and was a reporter at the investigative unit of The Washington Post. He has contributed to several international reporting projects, including The Panama Papers. He twice won the Soma Prize, the prestigious annual award dedicated to investigative journalism in Hungary. He was a World Press Institute fellow in 2008, a Humphrey fellow at the University of Maryland in 2012/13, and a Nieman fellow at Harvard University in 2019/20. András has taught journalism courses at Hungarian universities.