The submission reviews Citizen Lab research on the use of private surveillance technology against human rights actors, describes some of the common practices of concern among private companies in the surveillance industry, and proposes a set of recommendations for the path forward.
This is a living resource document providing links and descriptions to litigation and other formal complaints concerning digital surveillance and the digital surveillance industry.
Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute this infection to a Pegasus operator linked to Saudi Arabia.
عَمِلنا في هذا البحث على تطوير تقنيات جديدة لمسح الإنترنت لتحديد 45 بلداً قد يقوم فيها مشغلو برامج التجسس بيغاسوس من شركة NSO بإجراء عمليات تجسس.
In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.
Citizen Lab validates Amnesty International investigation showing targeting of staff member and Saudi activist with NSO Group’s technology.
This report describes our investigation into the apparent use of Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver nation-state malware in Turkey and indirectly into Syria, and to covertly raise money through affiliate ads and cryptocurrency mining in Egypt.
Ethiopian’s penchant for commercial spyware is notorious, as is its pattern of digital espionage against journalists, activists, and other entities—many of which are based overseas—that seek to promote government accountability and are therefore viewed as political threats. Yet the Ethiopian government and others like it have faced little pressure to cease this particular strain of digital targeting.
This report describes how Ethiopian dissidents in the US, UK, and other countries were targeted with emails containing sophisticated commercial spyware posing as Adobe Flash updates and PDF plugins. Targets include a US-based Ethiopian diaspora media outlet, a PhD student, a lawyer, and even a Citizen Lab researcher.
