Targeted Threats

Back to Research

Investigations into the prevalence and impact of digital espionage operations against civil society groups.

Featured in Targeted Threats

April 11, 2023

Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers

April 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

March 1, 2022

Psychological and Emotional War: Digital Transnational Repression in Canada

Digital Transnational Repression Explained

Citizen Lab produced an animated explainer video on digital transnational repression in Canada that also highlight some of the stories of the interviewees while also protecting their identities.

Latest Research

Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware

November 8, 2021

Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO Group. Both the Citizen Lab and Amnesty International’s Security Lab independently confirmed these findings.

Breaking the News: New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts

October 24, 2021

Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus operator that we call KINGDOM.

FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

September 13, 2021

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.

من اللؤلؤة إلى بيغاسوس: الحكومة البحرينية تخترق نشطاء عبر استغلال ثغرة “Zero-Click” من “NSO Group”

August 24, 2021

لقد حددنا تسعة نشطاء بحرينيين تم اختراق أجهزتهم الآيفون باستخدام برنامج تجسس “Pegasus” من NSO Group في الفترة ما بين يونيو 2020 و فبراير 2021. بعض النشطاء قد تم اختراقهم باستغلال ثغرتين zero-click في iMessage, كنا قد سمينا الثغرتين التي تم اكتشافها في 2020 ب KISMET، أما الثغرة المستخدمة في 2021 فنسميها FORCEDENTRY

From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

August 24, 2021

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).