Targeted Threats

Back to Research

Investigations into the prevalence and impact of digital espionage operations against civil society groups.

Featured in Targeted Threats

April 11, 2023

Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers

April 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

March 1, 2022

Psychological and Emotional War: Digital Transnational Repression in Canada

Digital Transnational Repression Explained

Citizen Lab produced an animated explainer video on digital transnational repression in Canada that also highlight some of the stories of the interviewees while also protecting their identities.

Latest Research

Armenia-Azerbaijan conflict: Pegasus infections – Technical Brief [1]

May 25, 2023

We identified widespread Pegasus spyware infections within Armenian civil society. We also identified two suspected Pegasus operators in Azerbaijan, whom we call BOZBASH and YANAR.

Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

April 18, 2023

In 2022, the Citizen Lab gained extensive forensic visibility into new NSO Group exploit activity after finding infections among members of Mexico’s civil society, including two human rights defenders from Centro PRODH, which represents victims of military abuses in Mexico.

New Pegasus Spyware Abuses Identified in Mexico

October 2, 2022

Mexican digital rights organization R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. The infections occurred years after the first revelations of Pegasus abuses in Mexico, and after Mexico’s current President assured the public that the government no longer used the spyware, and that there would be no further abuses.

GeckoSpy: Pegasus Spyware Used against Thailand’s Pro-Democracy Movement

July 17, 2022

Our investigation uncovered an extensive Pegasus hacking operation against pro-democracy campaigners in Thailand. At least 30 forensically-confirmed victims of NSO Group’s Pegasus spyware between October 2020 and November 2021.

UK Government Officials Infected with Pegasus

April 18, 2022

We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks, including the Prime Minister’s Office and the Foreign and Commonwealth Office.