Lines are blurred in cyber espionage; friends, foes, and frenemies are mixed based on mutual interests, as long as it serves the financial, political, and security needs of both parties.
Publicly, the State of Israel is declared as an arch enemy of the Muslim world, but privately, a good friend and ally- this is how Pakistan and Bangladesh’s military leadership see the Israeli Government, and both South Asian nations admire Israeli-made technologies.
The top intelligence agencies of both South Asian nations regularly meet their Israeli counterparts in Hungary, the UAE, and Thailand.
A recent report in Israeli news outlet Haaretz claimed that Pakistan’s Inter-services Intelligence (ISI) and Bangladesh’s Director General of Forces Intelligence (DGFI) have been using Israeli Pegasus spyware technology for surveillance purposes, despite the lack of diplomatic relations and trade ties between the two countries.
Pakistani F-16s’ high performance during India’s Operation Sindoor derived from the Pakistan Air Force’s secretly acquired Israeli-made Rafael SkyShield jamming Pod. It integrated the SkyShield Jamming Pod in a third country, such as Bulgaria, which is a current operator of Lockheed’s F-16 Fighting Falcon. Israeli tech companies are using Bulgaria as their European sales office to sell products in countries where they don’t have proper offices.
Israeli companies played both sides during Operation Sindoor for financial gains.
On the intelligence front, both Pakistan and Bangladesh collaborate with Israeli spy agencies. Since Bangladesh and Pakistan have no relations with Israel, the purchase was allegedly made through Cyprus, and the technology reached the South Asian countries. Training for the Bangladeshi and Pakistani officials on how to use the spyware products was conducted in Hungary, the UAE and Thailand by the Israeli tech firm.
According Haaretz newspaper, the Pakistan military and the intelligence agency reached out to Israeli officials asking for help to counter India during Operation Sindoor and other Kashmir skirmishes.
The current diplomatic normalisation between the USA and Pakistan is believed to be backed by the Israeli government.
ISI and DGFI are directly in contact with Mossad
The chief of Pakistan’s spy agency said he had contacted Israeli officials to head off potential attacks on Israeli targets in India, according to an October 2009 U.S. diplomatic cable published by WikiLeaks.
Lieutenant General Ahmad Shuja Pasha, head of Pakistan’s Inter-Services Intelligence agency, told former U.S. Ambassador Anne Patterson that he wanted Washington to know he had been to Oman and Iran “to follow up on reports which he received in Washington about a terrorist attack on India.”
“Pasha asked Ambassador to convey to Washington that he had followed up on threat information that an attack would be launched against India between September-November. He had been in direct touch with the Israelis on possible threats against Israeli targets in India,” the Oct 7, 2009 cable reported.
An ISI spokesman had no immediate comment.
Pakistan, a conservative Muslim country, has no diplomatic relations with Israel. Such contacts would infuriate Muslim militants waging a campaign to topple the government.
Israeli Spyware used by ISI
An official at Meta’s popular WhatsApp chat service has said Israeli spyware company Paragon Solutions targeted 90 of its users, including journalists and members of civil society.
The official told Reuters on Friday that WhatsApp had sent Paragon a cease-and-desist letter after the hack.
In July 2021, it was reported by Reuters that “Pakistan called on the United Nations on Friday to investigate whether India used Israeli-made Pegasus spyware to spy on public figures [in Pakistan], including Prime Minister Imran Khan. The Pakistani leader’s phone number was on a list of what an investigation by a group of 17 international media organizations and Amnesty International said were potential surveillance targets for countries that bought the spyware.”
Unnamed sources were quoted as saying, “Elbit Systems and Rafael Advanced Defense Systems (Israel-based companies) have been providing security assistance to Pakistan, and their products have been used by the Pakistan Armed Forces.”
Israeli cyber tech firm, Cellebrite, has sold Pakistan’s Federal Investigation Agency (FIA) and various police units products that are highly intrusive and can lead to gross human rights violations despite the two countries not having diplomatic ties and Israeli norms prohibiting such deals, a local media report said on Thursday.
The Israeli firm’s products have been in use by Pakistani agencies since 2012, Ha’aretz newspaper reported in an investigative report.
Cellebrite’s flagship product, UFED, is traded in Nasdaq and enables law enforcement agencies to engage in digital forensic work by hacking into password-protected cell phones and can copy information stored on the device, including pictures, documents, text messages, call logs and contacts.
Unlike Israeli company NSO, whose sale of Pegasus cyber tech grabbed worldwide attention, and other manufacturers of offensive-cyber products, Cellebrite operates in a grey area between security exports and civilian ones.
In 2020, the export of forensic equipment such as that produced by Cellebrite came under the Defence Ministry’s oversight, since it was included in the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies, which defines which dual-use (security use and civilian use) products require oversight, the report noted.
However, International shipment records show that until at least 2019, Cellebrite Asia-Pacific Pte (its Singapore subsidiary) sold products directly to companies in Pakistan and to its Federal Investigation Agency, the Israeli daily reported.
This happened despite Cellebrite’s end-user license agreement forbidding sales to Pakistan.
In other proofs presented in the report, the investigative piece notes that in 2012 it was reported in Pakistan that the Sind Province police had acquired UFED Touch Ultimate devices made by Cellebrite, and their use has been expanding since.
The Express Tribune newspaper had also published pictures that clearly show Cellebrite’s product, the Israeli daily said.
“Operating manuals, documents and official invitations for bids show that police units and the FIA regularly use these systems,” Ha’aretz claimed.
“FIA officials, past and present who were tasked with enforcing the draconian cybercrime law, even state in their LinkedIn profiles that they have been trained and certified to use these systems and that they use them on a regular basis”, it noted.
Court rulings in Pakistan also refer to the extraction of forensic evidence from telephones but do not specify which technology was used, the report said.
The country’s different agencies use forensic systems made by other companies as well, but in an FIA invitation for bids from 2021 for systems made by two other firms, Belkasoft and Compelson, both were required to support files produced using Cellebrite’s technology, the report stressed.
Bidding requests issued by Pakistan’s Punjab police include a request for three UFED Ultimate devices, it further added.
Another bidding request by the counterterrorism division of the Peshawar police, from May of this year, also includes a request to renew the UFED license for another two years.
In yet another strong proof presented of the Israeli firm’s firm roots in Pakistan, a 2021 catalogue from Pakistan’s National Radio and Telecommunication Corporation (NRTC) touts a long list of technologies produced in the country.
On page 17, there is a listing for a UFED Touch 2 by Cellebrite.
On the next page, NRTC advertises BlackBag’s Mobilyze digital forensic technology, which was acquired by Cellebrite in 2020, the report pointed out “The company does not sell to Pakistan, directly or indirectly,” Cellebrite told the Israeli daily, but it refused to explain how that claim squares with Cellebrite-Singapore’s shipment certificates to Pakistan and with official tenders in Pakistan that demonstrate that the country’s investigation agency and police use its technology.
“Cellebrite is committed to its goal of creating a safer world by providing solutions for law enforcement bodies that permit them to solve crimes more quickly,” the company was quoted as saying in its response.
“For that purpose, we have developed strict means of oversight that ensure proper use of our technology in the context of investigations carried out by virtue of the law”, it stressed.
“As a global leader in digital intelligence, Cellebrite’s solutions assist thousands of law enforcement agencies to convict those who endanger public security and to do justice to the victims of crime”, the cyber tech firm argued.
The Israeli Defence Ministry reportedly declined to comment.
Cellebrite’s CEO, Yossi Carmel, as per the report, says that their products are sold only to police departments and security forces to “fight serious crime, including terrorism”.
However, Ha’aretz reported that Cellebrite’s hacking tools have over the years found their way to organisations that oppress human rights activists, minorities and the LGBTQ community.
The Daily has reported on numerous occasions that the Israeli firm’s clients include oppressive regimes that were or still are subject to sanctions.
Such clients include Bangladesh’s notorious Rapid Action Battalion, Belarus, China (including Hongkong, Uganda, Venezuela, Indonesia, the Philippines, Russia and Ethiopia, the report said.
The security forces in Pakistan are known to commit serious violations of human rights and freedom of expression.
A US State Department report on Human Rights in 2022 accused Pakistan of “significant” lapses.
“Significant human rights issues included credible reports of unlawful or arbitrary killings, including extrajudicial killings by the government or its agents; forced disappearance by the government or its agents; torture and cases of cruel, inhuman, or degrading treatment or punishment by the government or its agents; harsh and life-threatening prison conditions; arbitrary detention; political prisoners; transnational repression against individuals in another country; arbitrary or unlawful interference with privacy; serious restrictions on free expression and media, including violence against journalists ….”, the report had pointed out.
Pakistan, in 2016, also passed a cybercrime law, the Pakistan Electronic Crimes Act, or PECA, which imposed severe limits on online freedom of expression, particularly criticism of the government.
The law permits the exercise of strict online censorship without a court order and also allows the police to collect information from locked devices without a court order.
The South Asian nation went on to amend the draconian law last year to accord an expanded definition of potentially suspicious activity, making it much more regressive.
“PECA has been used to silence freedom of expression on the pretext of combating ‘fake news,’ cybercrime, and misinformation,” Nadia Rahman of Amnesty International, was reported as saying in response to the amendment.
Israeli lawyer and human rights activist, Eitay Mack, has been harshly critical of Cellebrite and the Israeli Defence Ministry, which he accuses of “providing oversight” of the company.
“Pakistan is not just another undemocratic country that is violating human rights, but a country that is ruled by the military and its intelligence units, which support international terrorist and crime organisations,” Mack was quoted as saying.
“Cellebrite’s systems could be used not only to persecute women and religious minorities that have ‘desecrated Islam’ but also to persecute journalists and opposition activists who are working to uncover the military’s ties with terror organisations like the Taliban and Al Qaeda,” he emphasised.
Unlike other instances when Israel used its cyber tech capabilities to promote diplomatic ties with countries like Saudi Arabia, UAE, and Morocco, Mack feels this is just a case of another Israeli company focusing on making profits, benefitting from the Defence Ministry’s “negligent oversight”.
“Because of internal political considerations in Islamabad (the Pakistani capital) and due to Israel’s strategic relationship with India, there is no way that the sale of any type of security equipment to Pakistan will advance Pakistan’s relations with Israel,” the activist lawyer said.
Ha’aretz newspaper also quoted a 2013 British government report alleging Israeli export of arms to Pakistan, including electronic warfare systems, radars and advanced fighter jet systems.
Israel and Pakistan have hobnobbed towards political normalisation in the past with a meeting between foreign ministers and a “chance handshake” between their top leaders, but there has been no significant progress given the acute public hostility against Israel in Pakistan.
Occasional contacts continue using Israeli permission to allow Muslim pilgrimage to the holy Al Aqsa mosque and delegation visits to promote inter-faith dialogue.
Bangladeshi DGFI is directly in contact with Mossad and Israeli tech firms.
Bangladesh is using sophisticated Israeli spyware to spy on its citizens, a new documentary by the Al Jazeera Investigative Unit revealed.
A still from All the Prime Minister’s Men, showing Bangladeshi intelligence officers with their faces blurred, James Moloney in the middle, and two Israeli intelligence experts on the far right.
Classified documents shown in the documentary reveal that Bangladesh secretly bought powerful surveillance equipment from an Israeli cyberwarfare firm.
Israeli espionage experts then secretly trained Bangladeshi intelligence officers.
Bangladesh has no diplomatic relations with Israel and no formal trade relations. Bangladeshi passports even state that they are “valid for all countries of the world except Israel.”
The documentary, titled All the Prime Minister’s Men, exposes the close ties between a Bangladeshi organized crime family, the Ahmed brothers, and the country’s former prime minister, Sheikh Hasina.
The contract lists the non-existing PicSix Ltd, Hungary as the manufacturer [Al Jazeera]
The undercover Al Jazeera reporter “Sami” – who is not fully identified for safety reasons – was negotiating a business relationship with Haris Ahmed, one of the brothers, when he found out that Haris is a fugitive convicted murderer.
Sami attempted to sever ties with the family, but received threatening emails from Aziz Ahmed, the chief of staff of the Bangladeshi army, who is also Haris’ brother.
In collaboration with the Al Jazeera Investigative Unit, Sami became an undercover reporter who continued to pose as a close associate of Haris.
In this role, Sami uncovered details about how Haris maintained investment portfolios in Europe under a false identity, while working closely with the Bangladeshi government and the army headed by his brother.
Experts interviewed in the documentary say the pattern of transactions engaged in by Haris are characteristic of money laundering schemes.
Months of undercover reporting revealed that the head of the army, General Aziz Ahmed, is aiding two of his brothers to escape prison sentences for murder, and that he ordered officers to help create a false identity for one who fled to Europe.
Aziz moved his fugitive brother, Haris Ahmed, to Hungary, where he operates under the false identity, buying companies and property using kickbacks from military contracts and running extortion rackets with Bangladesh security forces. A second fugitive brother was in hiding in Malaysia.
General Aziz Ahmed and his fugitive brother Haris are attending the 2019 Dhaka wedding of Aziz’s son. [Al Jazeera]
Picsix contract
Al Jazeera obtained classified documents exposing how Aziz Ahmed’s armed forces gathered information on Sheikh Hasina’s political opponents.
The documents include a contract in which Bangladesh secretly buys surveillance equipment from Israeli cyberwarfare company Picsix.
Picsix was founded by former Israeli intelligence experts, according to its website.
It is well-established that Israel’s tech industry has deep ties to and recruits directly from the country’s military and intelligence apparatus.
Equipment manufactured by Picsix “behaves like a cell tower,” Eliot Bendinelli of the technology watchdog Privacy International says in the documentary. “All the phones in a certain area are going to connect to it.”
In other words, Picsix differs from other malicious software in that it doesn’t rely on vulnerabilities in encrypted programs in order to infect devices.
Instead of breaking into encrypted programs, it glitches them to render them useless and drive users to use non-encrypted programs that can be easily intercepted.
Ithai Kenan, the vice president of Picsix, explains it as follows.
“We won’t just block WhatsApp entirely. Instead, we’ll let you make a WhatsApp call, and 10 seconds in, we’ll drop it. Maybe we’ll let you make another call, and in 20 seconds we’ll drop it,” he told MIT Technology Review, explaining how the tool creates a fake cell tower to intercept data.
“After your third failed call, trust me – you’ll make a regular call, and we will intercept it. It’s a smart and cost-effective way to go about interception.”
This is especially dangerous, since it cannot be as easily prevented through security updates.
The surveillance technology can connect to hundreds of phones at once, and intercept voice calls, texts messages and websites visited, among other information.
The product bought by Bangladesh is called P6 Intercept, according to the contract.
Bendinelli says that “this specific model is capable of interfering with communications.”
This means that those doing the spying can not only monitor targeted devices, but can also interfere with their content – for example, editing a text message or impersonating a user.
“Israeli technology can now be used to monitor and quell further protests” in Bangladesh, Al Jazeera states.
“It is a tool of mass surveillance,” Bendinelli adds.
The contract is dated 26 June 2018, one day after Aziz Ahmed was sworn in as the chief of staff of the Bangladeshi army. It also includes a condition that the Israeli company and the Bangladeshi military sign a nondisclosure agreement.
The country of origin is falsified in the contract – stating that the spyware was manufactured in Hungary rather than Israel.
Secret training
Sami revealed another layer of the transaction.
He said he was contacted in February 2019 – a few months after the contract was signed – by a friend from the Bangladesh military’s Directorate General of Forces Intelligence.
Sami was told that four military intelligence officers were traveling to Budapest, so he invited them for dinner.
The officers said they were bringing three guests, two Israeli intelligence experts and an Irish national.
The Israelis never showed up. Only James Moloney, the Irish CEO of the Singapore-based company Sovereign Systems, accompanied the Bangladeshi intelligence personnel.
Moloney and the Bangladeshi intelligence officers were discussing the transaction for the spyware, in which Moloney acted as middleman.
“My company is based in Singapore. So I am the selling agent,” Moloney is heard saying in a recording provided by Sami.
Despite Sovereign Systems acting as a facilitator, its website does not mention Picsix.
“It’s from Israel, so we don’t advertise that technology,” Moloney says during the meeting recorded by the undercover journalist.
“We are very careful about our public profile.”
There is good reason for his caution. Moloney understands the frightening power of the surveillance tool.
“The technology is very aggressive and intrusive,” Moloney says of the Israeli spyware at the dinner hosted by Sami.
“You don’t want the public to know that you are using that equipment.”
The two Israelis trained the four Bangladeshi intelligence officers in a warehouse near Budapest in 2019.
Al Jazeera obtained a picture of the Bangladeshi intelligence officers with Moloney and the two Israeli intelligence experts. It was not able to identify the Israelis.
© 2025, GDC. © GDC and www.globaldefensecorp.com. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to www.globaldefensecorp.com with appropriate and specific direction to the original content.
