Targeted Threats

Back to Research

Investigations into the prevalence and impact of digital espionage operations against civil society groups.

Featured in Targeted Threats

CBC: WhatsApp Attributes Hack of 1,400 Users to NSO Group Technology

Citizen Lab senior researcher John Scott-Railton discusses why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,400 users—100 of whom were members of civil society—and why this is a significant bellwether.

Latest Research

NSO Group / Q Cyber Technologies: Over One Hundred New Abuse Cases

The May 2019 WhatsApp Incident As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones simply by ringing the number of a target’s device. Today Oct 29th, WhatsApp is publicly attributing the attack to NSO Group, an Israeli spyware developer that also… Read more »

Burned After Reading: Endless Mayfly’s Ephemeral Disinformation Campaign

Endless Mayfly is an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel. Using this network as an illustration, this report highlights the challenges of investigating and addressing disinformation from research and policy perspectives.

Statement from Citizen Lab Director on Attempted Operations Against Researchers

Over the last month, two Citizen Lab staff members were contacted by two separate individuals in what appears to be an attempt to compromise our work. Each of the contacts purported to show an interest in the staff members’ personal, non-Citizen Lab related interests, and presented themselves as serious and professional.