Investigations into the prevalence and impact of digital espionage operations against civil society groups.
Featured in Targeted Threats
CBC: WhatsApp Attributes Hack of 1,400 Users to NSO Group Technology
Citizen Lab senior researcher John Scott-Railton discusses why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,400 users—100 of whom were members of civil society—and why this is a significant bellwether.
Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO Group, which develops the oft-abused Pegasus spyware. Using Internet scanning, we found a unique signature associated with the hostnames of Check Point firewalls used in Circles deployments, enabling us to identify Circles deployments in at least 25 countries.
The May 2019 WhatsApp Incident As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones simply by ringing the number of a target’s device. Today Oct 29th, WhatsApp is publicly attributing the attack to NSO Group, an Israeli spyware developer that also… Read more »
In recent days, United Nations Special Rapporteurs have released two revelatory reports that demonstrate the dangerous effects of unchecked technology in the hands of autocrats: one relating to the proliferation and abuse of surveillance software and one that investigates the murder of Washington Post journalist Jamal Khashoggi. Both reports highlight the danger of unaccountable and unregulated surveillance technology sold to countries with egregious human rights records.
Endless Mayfly is an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel. Using this network as an illustration, this report highlights the challenges of investigating and addressing disinformation from research and policy perspectives.