The Globe and Mail: How Toronto’s Citizen Lab uncovered the hacking of Princess Haya
Citizen Lab fellow Bill Marczak comments on how he uncovered a Pegasus surveillance operation aimed at two lawyers and Princess Haya Bint Al Hussein.
Citizen Lab fellow Bill Marczak comments on how he uncovered a Pegasus surveillance operation aimed at two lawyers and Princess Haya Bint Al Hussein.
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.
The Citizen Lab, OutRight Action International, and the Open Observatory of Network Interference (OONI) collaborated to conduct research on LGBTIQ website censorship and its impact on LGBTIQ communities. The results indicate the technical and legal obstacles many users have in accessing LGBTIQ news, health, and human rights websites.
لقد حددنا تسعة نشطاء بحرينيين تم اختراق أجهزتهم الآيفون باستخدام برنامج تجسس “Pegasus” من NSO Group في الفترة ما بين يونيو 2020 و فبراير 2021. بعض النشطاء قد تم اختراقهم باستغلال ثغرتين zero-click في iMessage, كنا قد سمينا الثغرتين التي تم اكتشافها في 2020 ب KISMET، أما الثغرة المستخدمة في 2021 فنسميها FORCEDENTRY
Ron Deibert joins Al Jazeera to discuss the history of NSO Group’s Pegasus technology and why the expansive commercial spyware market deserves closer scrutiny and regulatory oversight.
Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities.
In its most recent response to the Citizen Lab regarding the The Great iPwn report, NSO Group extended an invitation to meet and discuss the Citizen Lab’s concerns and NSO Group’s “program” in more detail. We do not believe this invitation is made in good faith and have declined.
As highlighted by a coalition of human rights organizations in a letter to NSO Group released today, NSO Group continues to fail in human rights compliance. The company has fallen far short of numerous promises and commitments it made, in particular with regards to transparency and its human rights due diligence framework.
The Citizen Lab’s response to the questionnaire of the U.N. Working Group on the use of mercenaries on the provision of military and security products and services in cyber space by cyber mercenaries and related actors and its human rights impact.
Since 2016, the Citizen Lab has published numerous reports regarding the use of Pegasus spyware against human rights defenders, journalists, politicians, and other members of civil society. Despite these findings, NSO Group has failed to substantively engage or respond to the research presented by the Citizen Lab and other organizations.