Targeted Threats
Investigations into the prevalence and impact of digital espionage operations against civil society groups.
Featured in Targeted Threats
Digital Transnational Repression Explained
Citizen Lab produced an animated explainer video on digital transnational repression in Canada that also highlight some of the stories of the interviewees while also protecting their identities.
Latest Research
بيغاسوس PEGASUS ضد بريداتور PREDATOR: الاستهداف المضاعف لجهاز الآيفون الخاص بمعارض يكشف عن برنامج التجسس المأجور من Cytrox
بواسطة: بيل مارزاك، جون سكوت-رايلتون، بحر عبد الرزاق، نورا الجيزاوي، سيينا أنستيس، كريستين بردان، ورون ديبرت. النتائج الرئيسية تم اختراق معارضَين مصريين في المنفى؛ وهما السياسي أيمن نور، ومقدم برنامج شهير (والذي يرغب بألا يفصح عن هويته). تم الاختراق بواسطة برنامج التجسس بريداتور (Predator)، والذي تم تطويره وبيعه بواسطة Cytrox لتطوير برامج التجسس المرتزقة، وهي… Read more »
Pegasus vs. Predator: Dissident’s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware
Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.
Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware
Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO Group. Both the Citizen Lab and Amnesty International’s Security Lab independently confirmed these findings.
Breaking the News: New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts
Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus operator that we call KINGDOM.
FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.