Police Brigadier General Zsolt Bodnár, the former deputy head of Hungary’s Counter Terrorism Center (TEK) has also been targeted with Pegasus, a military-grade spyware designed to hack smartphones, a Direkt36 investigation has revealed. His phone number appears in the leaked database that includes targets selected for surveillance by certain foreign clients of NSO Group, the Israeli company that developed the cyber weapon.

The fact that TEK’s former Deputy Director-General was among the targets is remarkable in several respects. The company that developed Pegasus specifically promotes its service by saying that “NSO creates technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe.” However, during his decades-long career in law enforcement, Zsolt Bodnár himself led the fight against terrorism and organized crime at various authorities: he was deputy head of the Budapest Police Headquarters (BRFK) until 2010, then Deputy Director-General of TEK between 2010-2018.

Bodnár was selected for targeting at the time of his abrupt departure from the Counter Terrorism Centre in the spring of 2018. TEK claimed that this was due to organizational changes. However, according to news reports about his departure, he was let go due to loss of confidence and political infighting. Several sources familiar with TEK’s internal affairs told Direkt36 that TEK Director-General János Hajdú indeed lost his trust in Bodnár as he suspected that his deputy might have tried to gather sensitive internal information about TEK and about him personally. An internal investigation was then launched against Bodnár and he was eventually removed from the organization.

The database of telephone numbers selected for targeting by NSO’s clients was jointly obtained by Forbidden Stories, a Paris-based network of journalists, and international human rights advocacy organization Amnesty International. The data was shared with an international consortium of 17 media outlets, called the Pegasus Project, of which Direkt36 was the only participant of from Hungary.

Appearing in the database does not necessarily mean that the device associated with the phone number has been successfully hacked with the spyware. However, in the case of many foreign and Hungarian targets, the forensic analyses of their devices managed to identify traces of Pegasus infection. NSO’s spyware gives total access to all the data on a phone, even encrypted messages. Furthermore Pegasus can also remotely turn on a phone’s microphone and camera.

NSO Group claims that they sell Pegasus exclusively to foreign states and state authorities. There is a lot of circumstantial evidence to suggest that Hungarian targets of the Israeli spyware have been surveilled by Hungarian government agencies. A retired Hungarian intelligence officer as well as a former NSO employee confirmed to the international consortium of journalists that Hungary had indeed purchased and deployed Pegasus from 2018 onwards.

Meanwhile, the Orbán government has not denied that they use the Pegasus spyware, nor do they refute the surveillance of individuals – journalists, media company owners, influential lawyers, opposition politicians etc. – reported in Direkt36’s previous articles.

Zsolt Bodnár’s case is not the first where the phone of a high-ranking Hungarian state official who had a conflict with his boss was targeted with Pegasus spyware. In a previous article, we reported that this was also the case with Secretary of State Attila Aszódi who clashed with János Süli, the minister in charge of the upgrade of the Paks nuclear power plant.

Former security officers interviewed by Direkt36 said that Bodnár’s targeting was considered rather unusual. Several of them claimed that the surveillance of such a high-ranking national security official is an extreme event in the history of the Hungarian security agencies. According to them, this could only happen if someone was suspected of a very serious crime. However, this does not seem to be the case with Bodnár as he has not been accused of any crime and found other jobs in the police force even after leaving TEK.

We sent media requests to both TEK and the Hungarian government about Zsolt Bodnár’s targeting with Pegasus spyware but received no answer. We also reached out to Bodnár several times, through several channels, but he did not react either. As a result, it wasn’t possible to analyze his smartphone, and we couldn’t check if Bodnár’s phone was successfully hacked with Pegasus.

End of a friendship

When the Counter Terrorism Centre was established in 2010, the new organization received criticism for entrusting its management to János Hajdú, the former bodyguard of Viktor Orbán and former special force policeman. Hajdú, who took part in many hundreds of police operations, had a lot of experience in busting criminals, but not so much in investigation and intelligence gathering, analysis, or organizational management. However, Hajdú tapped Zsolt Bodnár, an experienced police chief, as his deputy, and together they led TEK for years as a seemingly inseparable couple.

According to his Linkedin profile, Bodnár began his police career as a criminal investigator in 1983, headed the Organized Crime Division of the National Police Headquarters (ORFK) in the 1990s, and then served as BRFK’s Deputy Chief of Police in the 2000s. He left this position to join János Hajdú at the newly formed counter-terrorism agency in 2010.

Sources familiar with the internal affairs of the organization described Zsolt Bodnár as “the brain of the Counter Terrorism Centre”. He was responsible for counter-terrorism investigations and even international cooperation, but he was also the one who explained the details of specific operations or cases to the media several times at TEK’s press conferences.

That is why it surprised many even within TEK, when Bodnár was fired overnight in May 2018, a former security officer experienced in counterterrorism told Direkt36. Moreover, Bodnár was not only his deputy, but also a close friend of Hajdú. “It’s absolutely incomprehensible what happened between the two,” said a mutual acquaintance of them, who added that the conflict was hurtful on a personal level too.
According to several sources familiar with TEK’s internal affairs, Hajdú began to suspect that his deputy was trying to gain access to various sensitive information about the organization and about him personally, out of political interests and career ambitions.

One source recalled that Hajdú reported this suspicion to the Ministry of the Interior, headed by Sándor Pintér, where they took the report seriously. According to the usual procedure in such cases, a law enforcement organization such as TEK is not supposed to lead the investigation, as it cannot conduct a thorough internal investigation against its own leadership. In similar cases, the agency that launches an investigation is the internal counterintelligence, called the National Protective Service (NVSZ). They are authorized to deploy the full arsenal of intelligence tools to support their operations, like undercover agents, wiretapping, covert surveillance, etc.

A source with knowledge of the conflict said there was no suspicion that Bodnár might have leaked information to organized criminal circles or to a foreign intelligence service. According to the source, the Deputy Director-General of TEK was fired as a result of one of the internal conflicts within the Fidesz government.

Press reports at the time already suggested that Bodnár’s departure may have been related to the hostility between János Lázár and Sándor Pintér. Lázár aspired to become Minister of Interior when Fidesz came to power in 2010, but the position was eventually given to Sándor Pintér. However, as over time Lázár became more and more influential in Fidesz – at the peak of his power between 2014 and 2018, he led the Prime Minister’s Office -, he also entered into a number of conflicts with Pintér and his ministry apparatus, and even specifically with TEK.

After the 2018 election, Lázár found himself outside of the government, and, according to Hungarian weekly Magyar Hang’s report, his firing also resulted in Bodnár’s departure for “reasons of trust”. According to Index.hu reports at the time, Bodnár had enemies in the Ministry of Interior and this has led to his sacking.

However, this was not the first occasion that TEK was suspected of gathering information on a top government official and then passing it on to another. In 2015, hvg.hu reported that, according to their sources, President János Áder had also lost his confidence in TEK, the agency that was providing his personal protection. “From his conversations with Orbán, it became clear to him that the Prime Minister knows about everything in his schedule. Not just about what’s on his weekly agenda, but all of his meetings as well”, hvg.hu wrote.

According to the article, this was also connected to the President’s decision when “on March 15 (Hungary’s national holiday)Áder rejected the promotion of Zsolt Bodnár from Brigadier General to Major General, even though he was considered one of the best investigators in the country.” (Interestingly, the author of the above article, Brigitta Csikász, was also surveilled with Pegasus a couple of years later.)

Just like the Bulgarians with their polygraphs

The information available so far all suggests that Hungarian targets were surveilled with Pegasus by Hungarian government agencies. Since Bodnár himself was a high-ranking law enforcement officer, this would mean that he was essentially targeted with the cyber weapon by his own colleagues. This would be extraordinary, according to former security officers who have seen first hand a number of internal probes, investigations, disciplinary and criminal proceedings.

A former security officer with experience in counter-terrorism said it would have to be an extreme case for a state to deploy a Pegasus-level cyber weapon against one of its own top national security officials. “In principle, this can happen, but then the trouble is already quite big there,” explained the former officer, who added that this could only happen if there was a really serious and well-founded suspicion. He cited espionage on behalf of a foreign power and corruption as examples.

In similar cases, internal investigations typically lead to criminal charges and prosecution, as happened after 2010 against several previous leaders of Hungarian security agencies. But nothing like that happened to Zsolt Bodnár. TEK explained Bodnár’s dismissal simply by saying that the “intelligence and counter-intelligence environment” had changed over the years, and this “justified certain transformations that affected service areas and resulted in leadership changes. Police Brigadier General Zsolt Bodnár will continue to work in areas of service other than TEK.”

Even if any suspicions were raised against Bodnár, it could not have been serious at all, as he could indeed continue serving in the police force. According to Bodnár’s Linkedin profile, after leaving TEK he became head counselor at ORFK, the National Police Headquarters. According to a source familiar with TEK’s internal affairs, Bodnár later worked at the International Law Enforcement Academy in Budapest, also known as the ’FBI Academy’, before eventually leaving the police force to join a private security company. According to a former senior security officer, if Bodnár had indeed done something illegal – for example, he had unauthorized access to information gathered through surveillance – he should have been reported to authorities, otherwise it would be a criminal offense (misprision of felony) not to notify about such wrongdoings. On the other hand, if Bodnár was spied on without real suspicion simply just for political reasons, then the surveillance itself may have been illegal.

The presence of Bodnár’s phone number on the list of Pegasus targets raises another type of question.

“To unleash an Israeli spyware on our own people, moreover, on one of our own Brigadier Generals, would be just like the case of those Bulgarians with their lie-detectors,”

a former security officer told Direkt36. He referred to the infamous case when Lajos Galambos, Director-General of the Office of National Security (the predecessor of the Constitution Protection Office), had his own staff put on lie-detectors with the help of Russian experts disguised as Bulgarians. It was suspected that sensitive information gathered through these polygraph tests could have been leaked to Russia. That case was followed up with detentions, house searches and many years of court proceedings, before charges of espionage were eventually dropped.

“Exfiltrating information from a civilian’s phone with an Israeli spyware is a nasty thing to do because it violates their individual rights. If, on the other hand, this happens to one of the leaders of the Counter Terrorism Centre, core Hungarian national security interests and the most serious classified information are at stake,”

explained a former Hungarian security officer. According to the source, if any information about the Deputy Director-General himself or from his communication was leaked to a foreign country, it would be extremely worrying because, among other things, TEK is tasked with the personal protection of Prime Minister Viktor Orbán and his family.

There is no publicly available evidence so far that suggests data collected through surveillance with the Pegasus spyware was accessed by foreign governments, such as Israel, the country that hosts the headquarters of NSO Group. NSO firmly states that they will not pass on any information to the Israeli government. The company also claims that they themselves do not see the data that their customers collect with Pegasus.

However, these claims are called into question due to by several factors. The most obvious example is the fact that a database containing targets selected by NSO customers has been leaked and Forbidden Stories together with Amnesty International managed to obtain it (the Israeli spyware manufacturer denies that the leaked phone numbers were Pegasus targets, but there is ample evidence).

In addition, U.S. intelligence officials told the Washington Post, the U.S. partner of the Pegasus Project, that at least some of the information gathered with NSO’s spyware ends up with the Israeli government. Gérard Araud, a retired French diplomat and former external consultant to NSO Group, also said in an interview that although he has no evidence of this, he believes the company is indeed cooperating with Mossad, Israel’s intelligence service. NSO Group was founded by former Israeli intelligence officers, but Araud also assumes that even the CIA has access to data gathered with the spyware through Pegasus’ ’backdoor’. Russia, for example, does not use the spyware specifically due to this possibility.

Hungarian opposition MP Attila Mesterházy, who is also the Vice-President of the NATO Parliamentary Assembly, is trying to investigate the Pegasus surveillances and find out, among other things, whether data sensitive to national security was leaked to foreign countries. Mesterházy met with the director-generals of the Constitution Protection Office and the Special Service for National Security, and although he had to sign a confidentiality agreement, he could reveal to Direkt36 that heads of these intelligence agencies did not give clear and reassuring answers. According to Mesterházy, it should be immediately investigated whether classified information was leaked to a foreign country, harming national security interests, and whether the use of Israeli spyware could have led to a breach of state secrets, espionage or treason.