Endless Mayfly is an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel. Using this network as an illustration, this report highlights the challenges of investigating and addressing disinformation from research and policy perspectives.
John Scott-Railton is a Senior Researcher at Citizen Lab. He investigates threats to a free and secure internet. He focuses on: -Abuses of government-exclusive spyware -Online disinformation operations -State-sponsored cyber militias He can be reached at jsr [at] citizenlab.ca
Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute this infection to a Pegasus operator linked to Saudi Arabia.