This research brief details how Griselda Triana, journalist and the wife of slain journalist Javier Valdez Cárdenas, was targeted with NSO Group’s Pegasus spyware in the days after his killing.
I am a Senior Research Fellow at Citizen Lab, a co-founder of Bahrain Watch, and a Postdoctoral Researcher at UC Berkeley, where I received my PhD in Computer Science under the advisorship of Vern Paxson. My work focuses on novel technological threats to Internet freedom, including new censorship and surveillance tools. My expertise is in Internet scanning and conducting digital investigations. Coverage of my work has been featured in Vanity Fair, the New York Times, the Washington Post, on CNN, and on Larry King.
Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute this infection to a Pegasus operator linked to Saudi Arabia.
في هذا التقرير ، نَصِف كيف تم استهداف المقيم الدائم في كندا، والمنشق السعودي؛ “عمر عبد العزيز”، عبر إشعار مزيف عن “تتبع شحنة بريد”. نحن وجدنا -وبثقة عالية- أن هاتف عبد العزيز قد تم استهدافه ببرنامج التجسس “بيغاسوس” من شركة NSO. نعزو هذه الإصابة إلى مشغل “بيغاسوس” مرتبط بالمملكة العربية السعودية.
عَمِلنا في هذا البحث على تطوير تقنيات جديدة لمسح الإنترنت لتحديد 45 بلداً قد يقوم فيها مشغلو برامج التجسس بيغاسوس من شركة NSO بإجراء عمليات تجسس.
In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.
Citizen Lab validates Amnesty International investigation showing targeting of staff member and Saudi activist with NSO Group’s technology.
This report describes our investigation into the global proliferation of Internet filtering systems manufactured by the Canadian company, Netsweeper Inc.
This section details the research questions that informed our study. We also outline in detail the methods that we adopted to identify Netsweeper installations worldwide, and those that we employed to reduce the findings to countries of interest. We also present high-level technical findings and observations.
In this section, we spotlight several countries where we have evidence of public ISPs blocking websites using Netsweeper’s products. Each country has significant human rights, public policy, insecurity, or corruption challenges, and/or a history of using Internet censorship to prevent access to content that is protected under international human rights frameworks.