Targeted Threats
Investigations into the prevalence and impact of digital espionage operations against civil society groups.
Featured in Targeted Threats
Digital Transnational Repression Explained
Citizen Lab produced an animated explainer video on digital transnational repression in Canada that also highlight some of the stories of the interviewees while also protecting their identities.
Latest Research
Armenia-Azerbaijan conflict: Pegasus infections – Technical Brief [1]
We identified widespread Pegasus spyware infections within Armenian civil society. We also identified two suspected Pegasus operators in Azerbaijan, whom we call BOZBASH and YANAR.
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers
At least five civil society victims of QuaDream’s spyware and exploits were identified in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. Traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware.
New Pegasus Spyware Abuses Identified in Mexico
Mexican digital rights organization R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. The infections occurred years after the first revelations of Pegasus abuses in Mexico, and after Mexico’s current President assured the public that the government no longer used the spyware, and that there would be no further abuses.
GeckoSpy: Pegasus Spyware Used against Thailand’s Pro-Democracy Movement
Our investigation uncovered an extensive Pegasus hacking operation against pro-democracy campaigners in Thailand. At least 30 forensically-confirmed victims of NSO Group’s Pegasus spyware between October 2020 and November 2021.
CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.