The purpose of this letter is to alert Jefferies Financial Group and lending firms interested in the syndicated loan to the Citizen Lab’s structured, evidence-based research into the abuse of NSO Group spyware, as well as investigations and research conducted by organizations such as Amnesty International, security companies, and the security team at Google Inc.
We appreciate your commitment—as stated in your letter of February 15, 2019—to “helping NSO Group become more transparent about its business.” As a first step, we ask that Novalpina Capital provide answers to the following questions regarding Novalpina Capital and NSO Group’s human rights due diligence and corporate social responsibility practices.
Over the last month, two Citizen Lab staff members were contacted by two separate individuals in what appears to be an attempt to compromise our work. Each of the contacts purported to show an interest in the staff members’ personal, non-Citizen Lab related interests, and presented themselves as serious and professional.
Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute this infection to a Pegasus operator linked to Saudi Arabia.