Endless Mayfly is an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel. Using this network as an illustration, this report highlights the challenges of investigating and addressing disinformation from research and policy perspectives.
This research brief details how Griselda Triana, journalist and the wife of slain journalist Javier Valdez Cárdenas, was targeted with NSO Group’s Pegasus spyware in the days after his killing.
Over the last month, two Citizen Lab staff members were contacted by two separate individuals in what appears to be an attempt to compromise our work. Each of the contacts purported to show an interest in the staff members’ personal, non-Citizen Lab related interests, and presented themselves as serious and professional.
Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.
Given Novalpina Capital’s recent acquisition of NSO Group and the obvious human rights concerns raised by NSO Group’s business practices, Citizen Lab’s Ronald Deibert seeks a response from the South Yorkshire Pensions Authority regarding how its investment in Novalpina is consistent with the Authority’s Policy and what measures were taken by the Authority to inform and educate pension fund contributors and members regarding NSO Group.
Spyware developer NSO Group is usually quick to dismiss the evidence that its customers have abused its Pegasus mobile phone spyware. This pattern of denials was repeated in a recent 60 Minutes investigation, which gives a rare look into NSO Group’s management.
Published by the Review of Policy Research, this paper by the Citizen Lab’s Ron Deibert, Joshua Oliver, and Adam Senft takes a deep dive into data provided by the circumvention tool Psiphon to reveal Iran’s increasingly sophisticated Internet blocking strategy around elections.
He provided oral comments to the committee which were, substantially, a truncated version of the brief he submitted. His oral comments are available to download, and what follows in this post is the actual brief which was submitted.
Without Novalpina Capital—or the parties that you hired to conduct due diligence—concluding that Citizen Lab reporting is flawed and providing a substantiated basis to prove such a finding, it remains the case that you are purchasing a company implicated in serious human rights abuses and have decided to simply ignore this fact. It also remains the case that, without meaningful engagement with our research, your due diligence process will appear to many as nothing more than a superficial effort to check boxes and appease stakeholders concerned by NSO Group.
The purpose of this letter is to alert Jefferies Financial Group and lending firms interested in the syndicated loan to the Citizen Lab’s structured, evidence-based research into the abuse of NSO Group spyware, as well as investigations and research conducted by organizations such as Amnesty International, security companies, and the security team at Google Inc.
