Confirming Large-Scale Pegasus Surveillance of Jordan-based Civil Society

As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society.

We can publicly confirm that the following nine named individuals were targeted and/or infected with Pegasus.

Details of these infections are available in the report by Access Now HERE.

Notably, evidence of targeting may in some cases simply indicate that there are insufficient forensic artifacts to conclude that an infection took place, and does not preclude this possibility.

We can also confirm results of forensic analysis of 21 additional individuals from civil society that have requested anonymity.

At least 14 of the victims confirmed by Citizen Lab analysis work in media, such as journalists or staff. The rest are activists, lawyers, and other members of civil society.

Thus, Citizen Lab can confirm a total of 30 cases of Pegasus infection or targeting, while an additional five individuals’ cases described in the Access Now report have been analyzed and confirmed by investigative partners.

The Investigative Collaboration

The investigation into the targeting of Jordanian civil society with Pegasus was led by Access Now, with the collaboration of Access Now’s local partners, alongside Amnesty Tech, the Citizen Lab, Human Rights Watch, and the Organized Crime and the Corruption Reporting Project.

The investigation found that at least 35 individuals were infected or targeted with Pegasus spyware, from at least 2019 until September 2023, but does not preclude the possibility of infections occurring before or after this timeframe.

In addition to the Access Now report, Access Now’s Digital Security Helpline has published a technical brief outlining their research methodologies for confirming Peagasus infections.