Pegasus
As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society.
In an investigative collaboration with Access Now, the Citizen Lab has analyzed forensic artifacts from the iPhone of award-winning exiled Russian investigative journalist Galina Timchenko and found with high confidence that on or around February 10th, 2023 it was infected with NSO Group’s Pegasus spyware.
Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.
In an exclusive with New Yorker’s Ronan Farrow, Citizen Lab researchers reveal the presence of Pegasus spyware on the phones of 65 activists, politicians, and civil society groups in Catalonia.
New York Times journalist and bureau chief, Ben Hubbard, discusses working with the Citizen Lab and discovering that he had been hacked several times by operators using NSO Group’s Pegasus spyware.
Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus operator that we call KINGDOM.
Citizen Lab fellow Bill Marczak comments on how he uncovered a Pegasus surveillance operation aimed at two lawyers and Princess Haya Bint Al Hussein.
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.
We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).
Ron Deibert joins Al Jazeera to discuss the history of NSO Group’s Pegasus technology and why the expansive commercial spyware market deserves closer scrutiny and regulatory oversight.