Ethiopian’s penchant for commercial spyware is notorious, as is its pattern of digital espionage against journalists, activists, and other entities—many of which are based overseas—that seek to promote government accountability and are therefore viewed as political threats. Yet the Ethiopian government and others like it have faced little pressure to cease this particular strain of digital targeting.
This report describes how Ethiopian dissidents in the US, UK, and other countries were targeted with emails containing sophisticated commercial spyware posing as Adobe Flash updates and PDF plugins. Targets include a US-based Ethiopian diaspora media outlet, a PhD student, a lawyer, and even a Citizen Lab researcher.
Claudio X. González, the director of Mexicanos Contra la Corrupción y la Impunidad (MCCI: Mexicans Against Impunity and Corruption), becomes the 22nd known individual abusively targeted with NSO’s spyware technology in Mexico.
Lawyers representing the families of three slain Mexican women were sent infection attempts with NSO Group’s Pegasus spyware after questioning official accounts of the killings.
The international investigation into the 2014 Iguala Mass Disappearance was targeted with infection attempts using spyware developed by the NSO group.
NSO Group’s Pegasus spyware and exploit framework were used in infection attempts against Mexican senators and senior politicians in June and July 2016.
Uncovering an operation using NSO Group’s Pegasus spyware and Trident exploit framework to target Mexican journalists, lawyers, and even a minor child.
Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call this technique “tainted leaks.”
We are releasing a more comprehensive “checklist” consolidating our thoughts on how best to confront the lack of accountability in the commercial spyware trade.