On July 27, 2022, Citizen Lab senior researcher John Scott-Railton spoke before the House Permanent Select Committee on Intelligence. He was invited to provide expert testimony at a hearing devoted to combatting threats to U.S. national security from the proliferation of foreign commercial spyware.
Posts tagged “spyware”
The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.
Phones belonging to four Jordanian human rights defenders, lawyers, and journalists were hacked with NSO Group’s Pegasus spyware between August 2019 and December 2021. We assess that at least two of the four targets were hacked by Pegasus operators primarily focused on Jordan, based on SMS messages containing Pegasus links that map to a cluster of domain names focusing on Jordanian themes.
Our investigation confirms that phones belonging to three individuals in Bahrain were hacked in 2021 using NSO Group’s Pegasus spyware. Two of the targeted individuals agreed to be named.
Our forensic analysis confirms that phones belonging to three individuals in Bahrain were hacked in 2021 with NSO Group’s Pegasus spyware.
The Citizen Lab and Access Now have confirmed 35 cases of journalists and members of civil society whose phones were successfully infected with NSO’s Pegasus spyware between July 2020 and November 2021. We shared a sample of forensic data with Amnesty International’s Security Lab which independently confirms the findings.
By: Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi, Siena Anstis, Kristin Berdan, and Ron Deibert. Key Findings: Two Egyptian dissidents in exile were hacked: the politician Ayman Nour and the host of a popular program (who wishes to remain anonymous). The hack was carried out with Predator spyware, developed and sold by Cytrox, a mercenary spyware developer, which is…
Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.
Forbidden Stories and Amnesty International requested that the Citizen Lab undertake an independent peer review of a sample of their forensic evidence and their general forensic methodology. We were provided with iTunes backups of several devices and a separate methodology brief, and independently validated that Amnesty International’s forensic methodology correctly identified infections with NSO’s Pegasus spyware.
Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities.