spyware
Citizen Lab senior legal advisor Siena Anstis co-authored an article with Jillian Sprenger (McGill University) in the International Journal of Human Rights on the ways that members of civil society targeted by spyware attempt to seek remedy. Anstis and Sprenger analyze gaps and challenges that remain in obtaining a remedy for targets, suggesting areas for reform through which members […]
NSO Group, the firm behind Pegasus spyware, has a new executive chairman who plans to use his ties to the Trump administration to improve the company’s reputation in the U.S. Speaking with the Wall Street Journal and the Guardian, Citizen Lab senior researcher John Scott-Railton says that Pegasus creates “unbearable temptation for abuse” where “nobody […]
Citizen Lab senior researcher John Scott-Railton speaks with TechCrunch about the proliferation of spyware use, and the effects it has on democracy. While it is ostensibly used to monitor criminals, Scott-Railton says that government spyware “needs to be treated like the threat to democracy and elections that it is.” Read more in TechCrunch.
Another member of Italian civil society has gone public about being a target of Paragon spyware. Francesco Nicodemo, a prominent Italian communications executive and political advisor, is the fifth confirmed target of an ongoing spyware scandal in Italy. Citizen Lab first identified the abuse of Paragon’s Graphite spyware against Italian civil society in March 2025, […]
In a new piece for Policy Options, senior research associate Kate Robertson and legal extern Song-Ly Tran discuss how outdated protections in Canada’s decades old wiretap laws fail to protect people in Canada from abuse of spyware technologies.
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon’s mercenary spyware operations across the globe. This report includes an infrastructure analysis of Paragon’s spyware product, called Graphite; a forensic analysis of infected devices belonging to members of civil society; and a closer look at the use of Paragon spyware in both Canada and Italy.
Our analysis of spyware covertly implanted on a phone returned to a Russian programmer after he was released from custody, finds that the spyware placed on his device allows the operator to track a target device’s location, record phone calls, keystrokes, and read messages from encrypted messaging apps, among other capabilities.
In 2022, the Citizen Lab gained extensive forensic visibility into new NSO Group exploit activity after finding infections among members of Mexico’s civil society, including two human rights defenders from Centro PRODH, which represents victims of military abuses in Mexico.
At least five civil society victims of QuaDream’s spyware and exploits were identified in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. We identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware.
Our investigation uncovered an extensive Pegasus hacking operation against pro-democracy campaigners in Thailand. At least 30 forensically-confirmed victims of NSO Group’s Pegasus spyware between October 2020 and November 2021.
