Pegasus (spyware) explained

PEGASUS
Logo Size:128px
Developer:NSO Group
Released:August 2016
Operating System:iOS, Android
Genre:Spyware

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android.[1] While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists.[2] The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.[3]

As of March 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.0.3 using a zero-click exploit.[4] While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, call snooping, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps.[5] The spyware is named after Pegasus, the winged horse of Greek mythology.[6]

Cyber watchdog Citizen Lab and Lookout Security published the first public technical analyses of Pegasus in August 2016 after they captured the spyware in a failed attempt to spy on the iPhone of a human rights activist. Subsequent investigations into Pegasus by Amnesty International, Citizen Lab, and others have garnered significant media attention, including in July 2021 with the release of the Pegasus Project investigation, which centered on a leaked list of 50,000 phone numbers reportedly selected for targeting by Pegasus customers.[7]

Background

NSO Group developed its first iteration of Pegasus spyware in 2011.[8] The company states that it provides "authorized governments with technology that helps them combat terror and crime."[9] [10] NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.[11]

Discovery

Pegasus's iOS exploitation was identified in August 2016. Emirati human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering.[12]

Citizen Lab and Lookout discovered that the link downloaded software to exploit three previously unknown and unpatched zero-day vulnerabilities in iOS.[13] [14] According to their analysis, the software can jailbreak an iPhone when a malicious URL is opened. The software installs itself and collects all communications and locations of targeted iPhones. The software can also collect Wi-Fi passwords.[15] The researchers noticed that the software's code referenced an NSO Group product called "Pegasus" in leaked marketing materials.[16] Pegasus had previously come to light in a leak of records from Hacking Team, which indicated the software had been supplied to the government of Panama in 2015.[17] Citizen Lab and Lookout notified Apple's security team, which patched the flaws within ten days and released an update for iOS.[18] A patch for macOS was released six days later.[19]

Regarding how widespread the issue was, Lookout explained in a blog post: "We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code" and pointed out that the code shows signs of a "kernel mapping table that has values all the way back to iOS 7" (released 2013).[20] The New York Times and The Times of Israel both reported that it appeared that the United Arab Emirates was using this spyware as early as 2013.[21] [22] [23] It was used in Panama by former president Ricardo Martinelli from 2012 to 2014, who established the Consejo de Seguridad Pública y Defensa Nacional (National Security Council) for its use.[24] [25] [26] [27]

Chronology

Several lawsuits outstanding in 2018 claimed that NSO Group helped clients operate the software and therefore participated in numerous violations of human rights initiated by its clients. Two months after the murder and dismemberment of The Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed suit in Israel against NSO Group, accusing the firm of providing the Saudi government with the surveillance software to spy on him and his friends, including Khashoggi.[28]

In December 2020, an Al Jazeera investigative show The Hidden is More Immense covered Pegasus and its penetration into the phones of media professionals and activists; and its use by Israel to eavesdrop on both opponents and allies.[29] [30]

In February 2024, a US court ordered NSO Group to hand over the code for Pegasus to WhatsApp as part of an ongoing lawsuit filed by the Meta Platforms-owned communication app related to the alleged use of Pegasus against WhatsApp users.[31]

Technical details

The spyware can be installed on devices running certain versions of iOS, Apple's mobile operating system, as well as some Android devices. Rather than being a specific exploit, Pegasus is a suite of exploits that uses many vulnerabilities in the system. Infection vectors include clicking links, the Photos app, the Apple Music app, and iMessage. Some of the exploits Pegasus uses are zero-click — that is, they can run without any interaction from the victim. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings,[32] as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.[33]

In April 2017, after a Lookout report, Google researchers discovered Android malware "believed to be created by NSO Group Technologies" and named it Chrysaor (Pegasus' brother in Greek mythology). According to Google, "Chrysaor is believed to be related to the Pegasus spyware".[34] At the 2017 Security Analyst Summit held by Kaspersky Lab, researchers revealed that Pegasus was available for Android in addition to iOS. Its functionality is similar to the iOS version, but the mode of attack is different. The Android version tries to gain root access (similar to jailbreaking in iOS); if it fails, it asks the user for permissions that enable it to harvest at least some data. At the time Google said that only a few Android devices had been infected.[35]

Pegasus hides itself as far as is possible and self-destructs in an attempt to eliminate evidence if unable to communicate with its command-and-control server for more than 60 days, or if on the wrong device. Pegasus can also self-destruct on command.[35] If it is not possible to compromise a target device by simpler means, Pegasus can be installed by setting up a wireless transceiver near a target device, or by gaining physical access to the device.[36]

Development of capabilities

The earliest version of Pegasus – which was identified in 2016 – relied on a spear-phishing attack which required the target to click a malicious link in a text message or email.[36]

As of August 2016 – according to a former NSO employee – the U.S. version of Pegasus had 1-click capabilities for all phones apart from old Blackberry models which could be infiltrated with a 0-click attack.[37]

In 2019, WhatsApp revealed Pegasus had employed a vulnerability in its app to launch zero-click attacks (the spyware would be installed onto a target's phone by calling the target phone; the spyware would be installed even if the call was not answered).[36]

Since 2019, Pegasus has come to rely on iPhone iMessage vulnerabilities to deploy spyware.[36]

By 2020, Pegasus shifted towards zero-click exploits and network-based attacks. These methods allowed clients to break into target phones without requiring user interaction.

Apple Inc in a lawsuit against US-based cybersecurity startup, Corellium, alleged that it sold its virtualization technology to the NSO group and other such "bad actors" and actively encouraged them to find 0-day exploits.[38]

Vulnerabilities

Lookout provided details of the three iOS vulnerabilities:

Google's Project Zero documented another exploit, dubbed FORCEDENTRY, in December 2021. According to Google's researchers, Pegasus sent an iMessage to its targets that contained what appeared to be GIF images, but which in fact contained a JBIG2 image. A vulnerability in the Xpdf implementation of JBIG2, re-used in Apple's iOS phone operating software, allowed Pegasus to construct an emulated computer architecture inside the JBIG2 stream which was then used to implement the zero-click attack. Apple fixed the vulnerability in iOS 14.8 in September 2021 as CVE-2021-30860.[40]

As of July 2021, Pegasus likely uses many exploits, some not listed in the above CVEs.

Pegasus Anonymizing Transmission Network

Human rights group Amnesty International reported in the 2021 investigation that Pegasus employs a sophisticated command-and-control (C&C) infrastructure to deliver exploit payloads and send commands to Pegasus targets. There are at least four known iterations of the C&C infrastructure, dubbed the Pegasus Anonymizing Transmission Network (PATN) by NSO group, each encompassing up to 500 domain names, DNS servers, and other network infrastructure. The PATN reportedly utilizes techniques such as registering high port numbers for their online infrastructure as to avoid conventional internet scanning. PATN also uses up to three randomised subdomains unique per exploit attempt as well as randomised URL paths.[41]

Detecting Pegasus

Due to the covert nature of its installation, Pegasus was previously only able to be detected via digital forensics. On January 16th, 2024 Kaspersky Labs announced in a press release a new method of detecting the spyware for iOS devices that involved inspecting the shutdown.log file, which logs reboot events, for indicators of compromise.[42] Kaspersky developed a tool that extracts, analyzes, and parses the shutdown.log file to ease the process of locating the malicious signature. This method is only effective if the device is rebooted on the same day that it is infected with Pegasus.[43]

Amnesty International released an open-source utility called Mobile Verification Toolkit that's designed to detect traces of Pegasus. The software runs on a personal computer and analyzes data including backup files exported from an iPhone or Android phone.[44]

By country

See also: Pegasus Project (investigation). Although Pegasus is stated as intended to be used against criminals and terrorists,[11] it has also been used by both authoritarian and democratic governments to spy on critics and opponents.[45] A UN special rapporteur on freedom of opinion found that the use of the spyware by abusive governments could "facilitate extrajudicial, summary or arbitrary executions and killings, or enforced disappearance of persons."[46]

Armenia

About twenty Armenian citizens were spied on via Pegasus spyware. Media expert Arthur Papyan said it targeted the key figures of the opposition and the government – current and past government employees who knew valuable state secrets and have political influence, including the former director of the National Security Service and current chairman of the center-right Homeland Party. The local experts suspected that they were targeted either by the government of Armenia or Azerbaijan, or perhaps both. Papyan said that NSO group appears to be jailbreaking a phone and provides interface for viewing the obtained data. Minister of high-tech industry Vahagn Khachaturyan also received a warning letter from Apple, he rejected the theory that the spying party could be the current Armenian government.[47]

Azerbaijan

The list of spied-upon citizens included dozens of journalists and activists from Azerbaijan. It was alleged that their mobile phones were tapped.[48] The head of Azerbaijani service of Radio Liberty/Radio Free Europe (Azadliq) Jamie Fly expressed his anger when it was revealed that the phones of his five current and former employees were tapped with Pegasus.[49]

Bahrain

Citizen Lab revealed the government of Bahrain used the NSO Group's Pegasus to hack activists, bloggers, members of Waad (a secular Bahraini political society), a member of Al Wefaq (a Shiite Bahraini political society), and members of the Bahrain Center for Human Rights. Bahrain reportedly acquired access to spyware in 2017. As per the report, the mobile phones of a total of nine rights activists were "successfully hacked" between June 2020 and February 2021. Those hacked included three members of Waad, three of the BCHR, one of Al Wefaq, and two of the exiled dissidents who reside in London. The Citizen Lab attributed "with high confidence" that a Pegasus operator, LULU, was used by the Bahraini government to breach the phones of at least four of the nine activists.[50] [51]

In January 2022, Bahrain was accused of using the Pegasus spyware to hack a human rights defender, Ebtisam al-Saegh. The prominent activist's phone was hacked at least eight times between August and November 2019. As per the Citizen Lab, following the hacking attempt, al-Saegh faced incidents where she was harassed by the Bahrain authorities. It included being summoned to a police station, interrogation, rape threats, and physical and sexual assault. The attack left the rights defender in a state of "daily fear and terror".[52]

In February 2022, an investigation by Citizen Lab and Amnesty International revealed that the Pegasus spyware was used to infect the devices of a lawyer, an online journalist, and a mental health counsellor in Bahrain. All of the three activists were critical of the Bahraini authorities and were targeted with Pegasus between June and September 2021. One of the three activists remained anonymous, while the other two were Mohammed al-Tajer and Sharifa Swar (mental health counselor).[53]

In December 2022, an exiled Bahraini activist, Yusuf al-Jamri filed a lawsuit against the Bahraini government and the NSO Group, alleging his phone was hacked using the Pegasus spyware in August 2019. The hacking was confirmed by the Citizen Lab researchers, who claimed that the servers that targeted al-Jamri were connected to Bahrain.[54] [55] Yusuf al-Jamri fled to the UK with his family in 2017, after facing multiple detentions, and episodes of interrogation, torture, sexual assault, and rape threats. Experts claimed that he was hacked days after posting tweets about Moosa Mohammed, the Bahraini activist who protested the executions in Bahrain and climbed to the roof of the country's embassy in London.

Djibouti

In 2018, the U.S. Central Intelligence Agency purchased Pegasus for the Djibouti government to conduct counter-terrorism operations (despite Djibouti's poor human rights record).[56]

Dominican Republic

In 2023, an investigation by Amnesty International and Citizen Lab found that Nuria Piera, a Dominican Republic journalist known for her investigations into corruption in the country, was targeted by an unknown actor using Pegasus spyware at least three times between 2020 and 2021.[57]

Egypt

Egyptian PM Mostafa Madbouly was selected for potential targeting by Pegasus – apparently by Saudi Arabia.

El Salvador

In January 2022, El Faro, a prominent Salvadoran news outlet, revealed that a majority of its staff had their phones infiltrated using Pegasus. The targeting was uncovered in an investigation conducted by Citizen Lab, and Access Now; the investigation revealed that the journalists of another 13 Salvadoran news organisations were targeted as well. Between July 2020 and November 2021, Pegasus was deployed on the phones of 22 employees of El Faro, including reporters, editors, and other staff. At the time of the targeting, the El Faro was looking into governmental corruption scandals, and the government's clandestine dealings with the country's gangs. The Salvadoran government denied responsibility for the espionage, and NSO Group declined to reveal whether the Salvadoran government was a client.[58]

Estonia

Estonia entered negotiations to procure Pegasus in 2018, and had made a $30 million down payment for the tool. Estonia hoped to use the tool against Russian phones (presumably for gathering intelligence). Israel initially approved the export of Pegasus to Estonia, but after a senior Russian defense official approached the Israeli defense agencies and revealed that Russia had learned of Estonia's intentions to obtain Pegasus, Israel decided to disallow Estonia from using Pegasus against any Russian phone number (following a heated debate among Israeli officials) so as to avoid damaging Israeli relations with Russia.[59]

Estonia gained access to Pegasus spyware in 2019. Citizen Lab has uncovered that Estonia has deployed Pegasus outside its borders, against targets in "many" EU countries.[60]

Finland

In January 2022 the Finnish Ministry for Foreign Affairs reported that several phones of Finnish diplomats had been infected with the Pegasus spyware.[61] Antti Pelttari, the Director of the Finnish Security and Intelligence Service (Supo), stated that a Foreign Government was most likely behind the infection.[62]

France

In July 2021, Le Monde reported that President of France Emmanuel Macron and 14 French ministers were flagged as potential Pegasus targets for Pegasus spying by Morocco; Moroccan authorities denied Pegasus use and labelled the allegation as "unfounded and false"[63] which a consortium of journalists and Amnesty International have demonstrated that there are "technical elements that prove listening".[64]

Germany

Pegasus is in use by German Federal Criminal Police Office (BKA). BKA acquired Pegasus in 2019 with "utmost secrecy", despite hesitations from its legal council. The use of Pegasus by BKA was later revealed by German media.[65] Sources from Germany's security services have told journalists that Germany's iteration of Pegasus spyware features built-in safeguards to prevent abuse and comply with EU privacy laws, however, officials have not publicly confirmed or elaborated on this.[66]

In February 2023, the independent Russian journalist and Putin critic Galina Timchenko had her iPhone infected with Pegasus while located in Berlin.[67] [68] [60]

Hungary

The government of Viktor Orbán authorized the use of Pegasus by Hungarian intelligence and law enforcement services to target the government's political opponents.[59] The Orbán government has been accused of using it to spy on members of media as well as on Hungarian opposition.[69] According to the findings released in July 2021, journalists and managers of media holdings appear to have been spied on by the Hungarian government with Pegasus.[70] [71] Phone numbers of at least 10 lawyers, at least 5 journalists, and an opposition politician were included on a leaked list of potential Pegasus surveillance targets.[72]

In November 2021, Lajos Kósa, head of a parliamentary defense and law enforcement committee, was the first Hungarian senior official who acknowledged that the country's Interior Ministry purchased and used Pegasus.[73] Kósa admitted that Hungary had indeed purchased and used Pegasus, stating "I don't see anything objectionable in it [...] large tech companies carry out much broader monitoring of citizens than the Hungarian state does."[69]

India

See main article: Pegasus Project revelations in India and WhatsApp snooping scandal. In late 2019, Facebook initiated a suit against NSO, claiming that Pegasus had been used to intercept the WhatsApp communications of a number of activists, journalists, and bureaucrats in India, leading to accusations that the Indian government was involved.[74] [75] [76] 17 individuals including human rights activists, scholars, and journalists confirmed to an Indian publication they had been targeted.[77]

Phone numbers of Indian ministers, opposition leaders, ex-election commissioners and journalists were allegedly found on a database of NSO hacking targets by Pegasus Project in 2021.[78] [79] [80] Phone numbers of Koregaon Bhima activists who had compromising data implanted on their computers through a hack were found on a Pegasus surveillance phone number list.[81]

Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack. The results of the forensic analysis threw up shows sequential correlations between the time and date a phone number is entered in the list and the beginning of surveillance. The gap usually ranges between a few minutes and a couple of hours.[82]

Eleven phone numbers associated with a female employee of the Supreme Court of India and her immediate family, who accused the former Chief Justice of India, Ranjan Gogoi, of sexual harassment, were also allegedly found on a database indicating possibility of their phones being snooped.[83] [84]

Records also indicate that phone numbers of some of the key political players in Karnataka appear to have been selected around the time when an intense power struggle was taking place between the Bharatiya Janata Party and the Janata Dal (Secular)-Congress-led state government in 2019.[85] [86]

In October 2023, Apple warned Indian journalists and opposition politicians that they may have been targets of state-sponsored attacks using Pegasus spyware. A Washington Post investigation found that the Indian government officials pressured Apple to rescind the warnings. Apple instead sent out emails saying the warnings could have been a false alarm and asked media to mention the same in their articles, while government officials told media that it could have been an "algorithmic malfunction". Minister of Commerce Piyush Goyal said that the warnings were a "prank" by Apple. An advisor to the government, Sanjeev Sanyal, alleged that the warnings were part of a conspiracy involving Access Now, George Soros, Apple and opposition politicians to falsely accuse the government of hacking.[87]

Iraq

The phone of Iraqi President Barham Salih was found on a list of potential Pegasus surveillance targets (however actual targeting – attempted or successful – could not be determined).[88] The targeting of Salih appeared to have been linked to Saudi Arabia and UAE.

Israel

Israeli police use

In January 2022, it was reported that Pegasus was unlawfully used by the Israeli Police to monitor citizens as well as foreign nationals who were accidentally or intentionally infected by the software.[89] The surveillance was ordered by high-ranking police officers, and was carried out without warrants or judicial supervision.[90] The legal basis for use of spyware against citizens is disputed.[91] The police had allegedly targeted civilians not suspected of any crime, including organisers of antigovernmental protesters, mayors, anti-LGBT parade activists, employees of government-owned companies, an associate of a senior politician, and former government employees.[90] In one case, it was alleged that police targeted an activist who was not suspected of a crime, allegedly to gather information about the activist's extra-marital affairs and use it as leverage.[92]

In some cases, Pegasus was used to obtain information unrelated to an ongoing investigation to be used later to pressure the subject of an investigation. In some cases, police used Pegasus to obtain incriminating information from suspects' devices, and then concealed the source of the incriminating information claiming it would expose intelligence assets.[93] While the Israeli Police formally denied the allegations in the report, some senior police officials have hinted that the claims were true.[94] The report led to the announcement of a number of parallel investigations into the police's conduct,[95] with some officials demanding a Commission of inquiry.[96] Although the Attorney General launched an internal probe into the allegations,[97] the Privacy Protection Council (which advises the Minister of Justice),[98] demanded that a state commission of inquiry be created.[96]

On February 1, the police admitted that there was, in fact, misuse of the software.[99] On February 7, the widespread extent of the warrantless surveillance was further revealed to have included politicians and government officials, heads of corporations, journalists, activists, and even Avner Netanyahu, the son of then-Prime Minister, Benjamin Netanyahu. This has led to renewed calls for a public inquiry, including from the current police commissioner Kobi Shabtai himself (appointed January 2021), as well as from the Minister of the Interior, Ayelet Shaked and others.[100]

Later in the day, the Minister of Public Security (the minister responsible for the police), Omer Bar-Lev, announced that he would be forming a commission of inquiry, to be chaired by a retired judge. Bar-Lev stressed that this commission will essentially be granted all the powers of a state commission (whose formation requires full cabinet support), including having the authority to subpoena witnesses, "regardless of seniority," whose testimony may be used in future prosecutions.[101] Despite this, calls for a state commission persisted from several ex-ministry heads who were targeted. The next day, the State Comptroller Matanyahu Englman, calling the crisis a "trampling on the values of democracy and privacy," said that the investigation launched by his office will also be extensive, adding that it will not only include the police, but also the Ministry of Justice and the State Attorney's Office.[102]

In September 2023, Apple issued an emergency software patch after it was warned that Israel's NSO Group had injected its Pegasus spyware remotely and surreptitiously on to iPhones and iPads.[103]

Jordan

Between August 2019 and December 2021, Apple phones of four Jordanian human rights activists, lawyers and journalists were hacked by a NSO government client (apparently Jordanian government agencies). The Jordanian government denied involvement.[104]

In January 2022, it was revealed that Jordanian lawyer and activist Hala Ahed Deeb's phone was targeted with Pegasus.[105]

Kazakhstan

Activists in Kazakhstan were targeted,[106] in addition to top-level officials, like Kassym-Jomart Tokayev, Askar Mamin and Bakytzhan Sagintayev. Among the 2000 targeted Kazak numbers were government critic Bakhytzhan Toregozhina, as well as journalists Serikzhan Mauletbay and Bigeldy Gabdullin.[107] [108] Most of these victims were involved in a civic youth movement Oyan, Qazaqstan.[109]

Latvia

Citizen Lab first noted the use of Pegasus in Latvia in 2018; Citizen Lab believes Pegasus is still being used by Latvia as of 2023.[60]

In February 2023, the iPhone of Galina Timchenko, Russian journalist and co-founder of the Latvia-based Russian news publication Meduza, was infected with Pegasus. Timchenko received a notification about a state-sponsored attack against her device from Apple, with experts from Citizen Lab and Access Now subsequently confirming that the device had indeed been compromised with Pegasus, with the attacker having gained full access to the device. The attack occurred the day before a conference of exiled independent Russian media in Berlin which Timchenko attended; her phone could have been used to evesdrop on the journalists' conversations during the conference. This attack is the first confirmed instance of Pegasus being used against a Russian journalist. It is unclear which state carried out the attack: a European intelligence agency have also sought to surveil prominent Russian expatriates, and while NSO Group does not export Pegasus to Russia, a third country could also have carried out the attack on Russia's behest. Timchenko was in Germany during the attack but had a phone with a Latvian sim card.[60]

The Guardian subsequently ascertained that three other Russian expatriate journalists with Latvian phone numbers also received notifications about state-sponsor attacks against their devices from Apple (as well as one additional Russian journalist with a non-Latvian phone number).[110]

Mexico

According to the New York Times, Mexico has been "the first and most prolific user of Pegasus".[111] Mexico was the first country to purchase Pegasus,[112] seeing it as a novel tool in the country's struggle against drug cartels. Mexican authorities also sought to cultivate autonomous intelligence capabilities, having hitherto been highly reliant on the United States for intelligence gathering capabilities.

Early versions of Pegasus were used to surveil the phone of Joaquín Guzmán, known as El Chapo. In 2011, Mexican President Felipe Calderón reportedly called NSO to thank the company for its role in Guzmán's capture.[113] [114]

Within years, authorities began to use Pegasus to target civil society (including human rights advocates, anti-corruption activists, and journalists). When a list of 50,000 phone numbers of potential Pegasus surveillance targets (selected by individual client governments) was leaked in 2021, a third of them were Mexican.

President Andrés Manuel López Obrador (who took office in 2018) had pledged to halt the use of the spyware by Mexican authorities, nonetheless, reports of use and abuse of Pegasus have continued throughout his presidency (including an opposition politician). After federal police and intelligence agency reforms by the Obrador government, the Mexican military became the sole Pegasus user in 2019. The Mexican armed forces have been a prolific user of Pegasus. The Mexican armed forces have taken on an ever more prominent role during Obrador's presidency, and may have grown into an independent power center capable of autonomously spying on civilian detractors and critics, with the government powerless to reign in its abuses.[115] The military went so far as to target Alejandro Encinas, the country's under-secretary for human rights (and a close ally of President Obrador), a prominent critic of the military who was investigating human rights abuses committed by the Mexican military at the time of the targeting, as well as other government officials involved in this inquiry.[116]

As of 2023, Mexico's spending on Pegasus had totaled over $60 million.

Targeting of scientists and health campaigners

In 2017, Citizen Lab researchers revealed that NSO exploit links may have been sent to Mexican scientists and public health campaigners.[117] The targets supported measures to reduce childhood obesity, including Mexico's "Soda Tax."[118]

2014 Iguala mass kidnapping

In July 2017, the international team assembled to investigate the 2014 Iguala mass kidnapping publicly complained they thought they were being surveilled by the Mexican government.[119] They stated that the Mexican government used Pegasus to send them messages about funeral homes containing links which, when clicked, allowed the government to surreptitiously listen to the investigators.[119] The Mexican government has repeatedly denied any unauthorized hacking.[119]

In 2023, it was revealed that Mexican Army intelligence was using Pegasus to monitor Guerreros Unidos cartel members and police officials in the area at the time of the kidnapping, capturing a cartel boss and the police commander discussing where to take the students that night. The Army had soldiers on the streets and a local battalion had an informant embedded with the students. Intercepted communications days later revealed two suspects talking about releasing students, indicating they may still have been alive. Despite this, the military never shared any of this information with officials searching for the students, and there is no evidence to suggest they attempted a rescue.[120]

Assassination of journalist Cecilio Pineda Birto

Cecilio Pineda Birto, a Mexican freelance journalist was assassinated by hitmen while resting in a hammock by a carwash. Brito had been reporting on the ties between local politicians and criminal organizations, and had received anonymous death threats during the weeks preceding the assassination; at about the same time, his phone number was selected as a possible target for Pegasus surveillance by a Mexican Pegasus client. Pegasus spyware may have been used to ascertain Brito's location to carry out the hit by geolocating his phone; the deployment of Pegasus on his phone could however not be confirmed as his phone disappeared from the scene of the murder.[121]

Targeting of presidential candidate Obrador

In the run-up to the 2018 Mexican presidential election, dozens of close associates of the presidential candidate Andrés Manuel López Obrador (who was subsequently elected) were selected as potential targets. Potential targets included close family members, his cardiologist, and members of his personal and political inner circle. Recordings of Obrador's conversations with family and party colleagues were subsequently leaked to the public in an attempt to disrupt his electoral campaign.[122]

Use by Mexican drug cartels

Pegasus has been used by drug cartels and cartel-entwined government actors to target and intimidate Mexican journalists.[123]

Other

A widow of slain renowned Mexican journalist was a target of an attempted Pegasus attack 10 days after her husband was assassinated.[124]

Morocco

In 2019, two Moroccan pro-democracy campaigners were notified by WhatsApp that their phones had been compromised with Pegasus.[77]

In June 2020, an investigation by Amnesty International alleged that Moroccan journalist Omar Radi was targeted by the Moroccan government using the Israeli spyware Pegasus. The rights group claimed that the journalist was targeted three times and spied on after his device was infected with an NSO tool. Meanwhile, Amnesty also claimed that the attack came after the NSO group updated their policy in September 2019.[125]

In July 2021, it was revealed that the Moroccan PM Saad Eddine el-Othamani and Moroccan King Mohammed VI were selected for targeting – apparently by Moroccan state actors themselves.[122]

According to revelations from July 2021, Morocco had targeted more than 6,000 Algerian phones, including those of politicians and high-ranking military officials, with the spyware.[126] [127] The Algerian government subsequently severed diplomatic relations with Morocco in August 2021, citing alleged Moroccan deployment of Pegasus against Algerian officials as one of the "hostile actions" that undergirded the decision.[128]

Netherlands

The Netherlands is a suspected Pegasus user. Pegasus spyware was used to spy on Ridouan Taghi, a high-profile criminal. After the murder of the lawyer Derk Wiersum, the AIVD (Dutch security service) was asked to help with the process of catching Ridouan Taghi.[129]

Panama

President of Panama Ricardo Martinelli personally sought to obtain cyberespionage tools after his election in 2009. After a rebuff by the U.S. in 2009, Martinelli successfully sought such tools from Israeli vendors, expressing an interest in acquiring a tool capable of hacking into mobile phones in a 2010 private meeting with Israeli PM Netanyahu. In 2012, NSO systems were installed in Panama City. The equipment was subsequently widely used for illicit domestic and foreign spying, including for spying on political opponents, magistrates, union leaders, and business competitors, with Martinelli allegedly going so far as to order the surveillance of his mistress using Pegasus.[8]

Palestine

The mobile phones of six Palestinian activists were hacked using Pegasus with some of the attacks reportedly occurring as far back as July 2020, according to a report from Front Line Defenders.[130] Salah Hammouri, a French-Palestinian human rights defender and one of the six victims of the Pegasus attack, has filed a lawsuit against NSO in France, accusing the company of a privacy rights violation.[104]

Poland

Pegasus licenses were agreed on between Benjamin Netanyahu and Beata Szydło in July 2017.[131] Citizen Lab revealed that several members of political opposition groups in Poland were hacked by Pegasus spyware, raising alarming questions about the Polish government's use of the software. A lawyer representing Polish opposition groups and a prosecutor involved in a case against the ruling Law and Justice party were also compromised.[132] A subsequent investigation by the prosecutor general’s office revealed Pegasus was used against 578 people from 2017 to 2022, by three separate government agencies: the Central Anticorruption Bureau, the Military Counterintelligence Service and the Internal Security Agency.[133]

In December 2021, Citizen Lab announced that Pegasus was used against lawyer Roman Giertych and prosecutor Ewa Wrzosek, both critical of the ruling Law and Justice (PiS) government, with Giertych's phone suffering 18 intrusions.[134] 33 hacks to the phone of Krzysztof Brejza, a senator from the opposition Civic Platform (PO) were uncovered,[135] and confirmed by Amnesty International.[136] Leading to the 2019 European and Polish parliamentary elections, Brejza's text messages were stolen as he was leading the opposition parties' campaign. The texts were doctored by state-run media, notably TVP, and used in a smear campaign against the opposition.[137] [138] This prompted the Polish Senate to begin an inquiry into the deployment of the spyware.[139]

On January 25, 2022, more victims were confirmed by Citizen Lab, including Michał Kołodziejczak of the agrarian movement Agrounia, and Tomasz Szwejgiert, a journalist and alleged former associate of the CBA.[140] [141]

According to the Supreme Audit Office (NIK), 544 of its employees' devices were under surveillance over 7,300 times, some could be infected with Pegasus.[142]

In January 2024, Poland's Sejm, the lower house of its parliament, established a special commission to investigate the use of Pegasus by the PiS.[143] Appearing in front of the commission in March 2024, former prime minister Jarosław Kaczyński testified that “use of Pegasus was in accordance with the law, there were no shortcomings, and in 99% it was used against criminals.”[144]

Rwanda

Political activists in Rwanda have been targeted with Pegasus,[145] including the daughter[146] and the nephew[147] of Paul Rusesabagina.

Saudi Arabia

In December 2020, it was reported that Saudi Arabia and the United Arab Emirates deployed a zero-click iMessage Pegasus exploit against two London-based reporters and 36 journalists at the Al Jazeera television network in Qatar.[148] [149]

Jamal Khashoggi

Pegasus was used by Saudi Arabia to spy on Jamal Kashoggi,[150] who was later assassinated in Turkey. In October 2018, Citizen Lab reported on the use of NSO software to spy on the inner circle of Jamal Khashoggi just before his murder. Citizen Lab's October report[151] stated with high confidence that NSO's Pegasus had been placed on the iPhone of Saudi dissident Omar Abdulaziz, one of Khashoggi's confidantes, months before. Abdulaziz stated that the software revealed Khashoggi's "private criticisms of the Saudi royal family," which according to Abdulaziz "played a major role" in Khashoggi's death.[152]

In December 2018, a New York Times investigation concluded that Pegasus software played a role in the Khashoggi's murder, with a friend of Khashoggi stating in a filing that Saudi authorities had used the Israeli-made software to spy on the dissident.[153] NSO CEO Shalev Hulio stated that the company had not been involved in the "terrible murder", but declined to comment on reports that he had personally traveled to the Saudi capital Riyadh for a $55 million Pegasus sale.[154]

In 2021, allegations arose that the software may also have been used to spy on members of Kashoggi's family.[155] The wife of Jamal Khashoggi, Hanan Elatr, intended to sue the NSO Group, alleging that she was targeted with Pegasus spyware. She also prepared a lawsuit in the US against the governments of Saudi Arabia and the United Arab Emirates for their involvement in the attempts to install the software on her mobile phone. Elatr was arrested in Dubai in April 2018. Activity on Etatr's confiscated phone, while she was in the custody of UAE intelligence services, further suggested that an attempt was made to install the software at that time.[156]

Targeting of Jeff Bezos

See main article: Jeff Bezos phone hacking incident. Pegasus was also used to spy on Jeff Bezos after Mohammed bin Salman, the crown-prince of Saudi Arabia, exchanged messages with him that exploited then-unknown vulnerabilities in WhatsApp.[157] [158]

Targeting of journalist Ben Hubbard

Ben Hubbard, a Middle East correspondent for the New York Times, revealed in October 2021 that Saudi Arabia used the NSO Group's Pegasus software to hack into his phone. Hubbard was targeted repeatedly over a three-year period between June 2018 to June 2021 while he was reporting on Saudi Arabia, and writing a book about the Saudi Crown Prince Mohammed bin Salman. Hubbard was possibly targeted for writing the book about the Crown Prince, and for his involvement in revealing the UAE's hacking and surveillance attempt of Project Raven. Saudis attempted to peek into Hubbard's personal information twice in 2018, one through a suspicious text message and the other through an Arabic WhatsApp message inviting him to a protest at a Saudi embassy in Washington.

Two other attacks were launched against him in 2020 and 2021 using the zero-click hacking capabilities. Lastly, on June 13, 2021, an iPhone belonging to Hubbard was successfully hacked using the FORCEDENTRY exploit. Citizen Lab said in "high confidence" that the four attacks were attempted using Pegasus.[159] [160]

Other targets

Another Saudi exile Omar Abdulaziz in Canada was identified by McKinsey & Company as being an influential dissident, and hence had two brothers imprisoned by the Saudi authorities, and his cell phone hacked by Pegasus.[161]

In June 2018, a Saudi satirist, Ghanem Almasarir, was targeted by Saudi Arabia with Pegasus software. The targeting and hacking of Almasarir's phone by a network linked to Saudi Arabia was confirmed by researchers at the Citizen Lab. On 28 May 2019, the letter of claim was delivered to the Saudi embassy in London on behalf of Ghanem Almasarir. In August 2022, a British judge ruled that the prominent dissident in London can sue Saudi Arabia for Pegasus hacking.[162]

South Africa

South African president Cyril Ramaphosa was revealed to have been selected as a potential target of Pegasus surveillance, possibly by the Rwandan state.

Spain

Use against Catalan and Basque officials and independence proponents

See also: CatalanGate. According to an investigation by The Guardian and El País, Pegasus software was used by the government of Spain to compromise the phones of several politicians active in the Catalan independence movement, including President of the Parliament of Catalonia Roger Torrent, and former member of the Parliament of Catalonia Anna Gabriel i Sabaté.[163]

The scandal resurfaced in April 2022 following the publication of a report of a CitizenLab investigation that revealed widespread use of Pegasus against Catalan politicians and citizens, as well as Basque politician Arnaldo Otegi and MP Jon Iñarritu.[164] A total of 63 victims was identified,[165] with targets including elected officials (including high-ranking ones) and civil society members (including activists, journalists, lawyers, and computer scientists).[166] The true extent of the targeting was potentially far larger as Android devices are far more common in Spain while CitizenLab tools are specialised to uncover infiltration of Apple devices. Citizen Lab did not attribute the responsibility for the attacks to any perpetrators, but did note that circumstantial evidence strongly suggests the attacks were perpetrated by the Spanish Government. On May 5, 2022, the Spanish Defense Minister admitted to surveillance of 20 people involved in the Catalan independence movement.[167]

Use against Spanish government officials

In May 2022, the Spanish Government revealed that the smartphones of Prime Minister Pedro Sánchez and Defense Minister Margarita Robles had been targeted by Pegasus in May 2021.[168] Prime Minister Sanchez's device was infected twice, and Robles' device was infected once. A total of over 2.7GB of data was exfiltrated from the PM device, while only 9MB of data was extracted from the Defense Minister's device.[169] The espionage is, as of today, denied yet attributed to Moroccan entities, given the diplomatic tensions between the two at the time of the target.

Thailand

According to a report by Citizen Lab and Digital Reach, at least 30 political activists and government critics from Thailand were affected by the spyware. A spokesperson for the Ministry of Digital Economy and Society stated his ministry was not aware of any Pegasus usage by the government. A researcher from Citizen Lab has said that while 30 targets were confirmed definitively, they expect the actual number to be much higher.[170]

Tibet

Senior advisers of the Dalai Lama (who does not carry a personal phone himself), Tibet's president-in-exile, staff of a prominent Tibetan Buddhist spiritual leader Gyalwang Karmapa, as well as several other Tibetan activists and clerics – all of whom are living in exile in India – were selected for potential targeting by Pegasus, likely by the Indian government.[171]

Togo

A joint investigation by The Guardian and Le Monde alleged that Pegasus software was used to spy on six critics of the government in Togo.[145]

Uganda

It has been reported that Muhoozi Kainerugaba brokered a deal to use Pegasus in Uganda, paying between $10 and $20 million in 2019. The software was later used to hack the phones of 11 US diplomats and employees of the US embassy in Uganda some time during 2021.[172]

Ukraine

At least since 2019, Ukraine had sought to obtain Pegasus in its effort to counter what it saw as an increasing threat of Russian aggression and espionage, however, Israel had imposed a near-total ban on weapons sales to Ukraine (which also encompassed cyberespionage tools), wary of selling Pegasus to states that would use the tool against Russia so as not to damage relations with Russia. In August 2021, at a time when Russian troops were amassing on the Ukrainian border, Israel again rebuffed a request from a Ukrainian delegation asking to obtain Pegasus; according to a Ukrainian official familiar with the matter, Pegasus could have provided critical support in Ukraine's effort to monitor Russian military activity. In the wake of the 2022 Russian invasion of Ukraine, Ukrainian officials rebuked Israel's tepid support of Ukraine and Israeli efforts to maintain amicable relations with Russia.[59]

United Arab Emirates

In December 2020, it was reported that Saudi Arabia and the United Arab Emirates deployed a zero-click iMessage Pegasus exploit against two London-based reporters and 36 journalists at the Al Jazeera television network in Qatar.

Qatar hired Israeli-based cybersecurity firm "Sdema Group "in exchange of million-euro contract for providing security at the 2022 World Cup soccer championship in Qatar.[173]

The United Arab Emirates used Pegasus to spy on the members of Saudi-backed Yemeni government according to an investigation published in July 2021. The UAE used the spyware to monitor and spy on the ministers of the internationally recognized government of President Abdrabbuh Mansur Hadi, including Yemeni president and his family members, former Prime Minister Ahmed Obaid Bin Dagher, former Foreign Minister Abdulmalik Al-Mekhlafi, and current Minister of Youth and Sports, Nayef al-Bakri.[174]

In August 2021, Amnesty International confirmed that David Haigh, a prominent British Human Rights lawyer and founder of Human Rights NGO Detained International, was the first British person to have evidence on his mobile phone that it had been hacked by NSO spyware.[175] It is believed the illegal hacking was carried out in August 2020 by the government of Dubai. At the time of the infection, David Haigh was the lawyer representing Dubai Princess Latifa bint Mohammed Al Maktoum who was being held hostage, and he was assisting Princess Haya bint Hussein and her legal team as well.[176] Haigh had been exchanging videos and text messages in secret for more than a year and a half with Princess Latifa through a phone that had been smuggled into the Dubai villa where she was being held. She stopped responding on July 21, 2020, according to a screenshot of the messages Haigh shared. The analysis shows that Haigh's phone was hacked two weeks later.[177]

On 24 September 2021, The Guardian reported that the telephone of Alaa al-Siddiq, executive director of ALQST, who died in a car accident in London on 20 June 2021, was infected with the Pegasus spyware for 5 years until 2020. Citizen Lab confirmed that the Emirati activist was hacked by a government client of Israel's NSO Group. The case represented a worrying trend for activists and dissidents, who escaped the UAE to live in the relative safety, but were never out of the reach of Pegasus.[178]

In October 2021, the British High Court ruled that agents of Mohammed bin Rashid Al Maktoum used Pegasus to hack the phones of his (ex)-wife, Princess Haya bint Hussein, her solicitors (including baroness Fiona Shackleton), a personal assistant and two members of her security team in the summer of 2020. The court ruled that the agents acted "with the express or implied authority" of the sheikh; he denied knowledge of the hacking. The judgment referred to the hacking as "serial breaches of (UK) domestic criminal law", "in violation of fundamental common law and ECHR rights", "interference with the process of this court and the mother's access to justice" and "abuse of power" by a head of state. NSO had contacted an intermediary in August 2020 to inform Princess Haya of the hack and is believed to have terminated its contract with the UAE.[179]

On 7 October 2021, the NSO Group stated that it had terminated its contract with the UAE to use its Pegasus spyware tool after the ruling by UK's High Court that Dubai's ruler misused the firm's Pegasus software to spy on his ex-wife and her legal advisers.[180]

In 2022, sources revealed that a unit of Abu Dhabi's Mubadala Investment Company, Mubadala Capital was one of the largest investors in €1 billion Novalpina Capital private equity fund, which bought the NSO Group in 2019. Since then, Mubadala has been an investor in the firm with its commitment of €50 million, acquiring a seat on the committee of largest investors of the equity fund. Journalists, human rights defenders and the women of Dubai's royal family were traced to have been hacked using the Pegasus spyware during the same time.[181]

A report by the Citizen Lab revealed that Pegasus spyware linked to an Emirati operative was used to hack into the phones at the Downing Street and the Foreign Office. One of the spyware attack on No 10 was on 7 July 2020, which was asserted to have infected the phone of British Prime Minister Boris Johnson. Besides, at least five attacks were identified on Foreign Office phones by UK allies, including the UAE, between July 2020 and June 2021.[182] The UAE was also alleged of hiring a firm to "monitor" Jeremy Corbyn.[183]

United Kingdom (UK)

In April 2022, Citizen Lab released a report stating that 10 Downing Street staff had been targeted by Pegasus, and that the United Arab Emirates was suspected of originating the attacks in 2020 and 2021.[184]

United States (US)

NSO Group pitched its spyware to the Drug Enforcement Administration (DEA), which declined to purchase it due to its high cost.[185]

In August 2016, NSO Group (through its U.S. subsidiary Westbridge) pitched its U.S. version of Pegasus to the San Diego Police Department (SDPD). In the marketing material, Westbridge emphasized that the company is U.S.-based and majority-owned by a U.S. parent company. An SDPD Sergeant responded to the sales pitch with "sounds awesome". The SDPD declined to purchase the spyware as it was too expensive.[37]

In July 2021, it was revealed that the phone numbers of about a dozen U.S. citizens – including diplomats, journalists, aid workers, and dissident expatriates – were on a list of prospective targets for Pegasus infiltration, however, it was not known whether an attack was ever attempted or completed against any of their devices. Among the phone numbers discovered on the list were those of the Obama administration's chief negotiator of the Joint Comprehensive Plan of Action as well as those of several United Nations diplomats residing in the U.S. NSO Group has said that Pegasus is not deployed against any device located within the territory of the U.S., however, it has been suggested that U.S. citizens can become targets when abroad.[186]

In December 2021, it was reported that Pegasus spyware was found in the preceding months on the iPhones of at least nine U.S. State Department employees, all of whom were either stationed in Uganda or worked on matters related to Uganda.[187] Later the same month, AP reported that a total of 11 U.S. State Department employees stationed in Uganda had their iPhones hacked with Pegasus.[188] The US government blacklisted the NSO Group to stop what it called "transnational repression".[189]

In January 2022, it was reported that the Federal Bureau of Investigation had secretly bought the Pegasus spyware in 2019 and had seen a demonstration of Phantom, a newer tool capable of targeting American phone numbers. The FBI went on to test both tools, and considered their use for domestic surveillance in the U.S., which reportedly led to discussions between the FBI and United States Department of Justice; ultimately the FBI decided against using NSO spyware. However, despite the 2021 decision rejecting use of NSO software, Pegasus equipment is still in the FBI's possession at a New Jersey facility.[190] [191] Responding to the reports, FBI officials played down the domestic surveillance aspect of the Pegasus testing, instead stressing counter-intelligence as their purported main goal. A document later obtained by The New York Times clearly showed that the agency weighed using Pegasus and Phantom in domestic law enforcement cases.[192] [193]

L3Harris, a U.S. defense contractor, was in talks to acquire NSO Group, the maker of Pegasus. L3Harris reportedly had the backing of U.S. intelligence in undertaking the acquisition negotiations. After months of negotiations, the talks were scuttled after they were made known to the public by the news media in June 2022, with the U.S. government publicly rebuking the acquisition attempt.[56]

In March 2023, President Joe Biden signed an executive order that prohibited "operational use by the United States Government of commercial spyware that poses risks to national security or has been misused by foreign actors to enable human rights abuses around the world."[194] [195]

Yemen

The forensic analysis of UN independent investigator Kamel Jendoubi's mobile phone revealed on 20 December 2021 that he was targeted using spyware while probing war crimes of Yemen. Jendoubi was targeted while he was examining possible war crimes in Yemen. Jendoubi's mobile number was also found in the leaked database of the Pegasus Project. According to the data, Jendoubi was one of the potential targets of one of NSO Group's long-time clients, Saudi Arabia. However, NSO spokesperson denied Kamel Jendoubi as any of its client's targets.[196]

International organizations

European Union

In April 2022, according to two EU officials and documentation obtained by Reuters, the European Justice Commissioner Didier Reynders and other European Commission officials had been targeted by NSO's software. The commission learned of this after Apple notified thousands of iPhone users in November 2021 that they were targeted by state-sponsored hackers. According to the same two sources, IT experts examined some of the smartphones, but the results were inconclusive.[197]

Pegasus Project

See main article: Pegasus Project (investigation). A leak of a list of more than 50,000 telephone numbers believed to have been identified as those of people of interest by clients of NSO since 2016 became available to Paris-based media nonprofit organisation Forbidden Stories and Amnesty International. They shared the information with seventeen news media organisations in what has been called Pegasus Project, and a months-long investigation was carried out, which reported from mid-July 2021. The Pegasus Project involved 80 journalists from the media partners including The Guardian (UK), Radio France and Le Monde (France), Die Zeit and Süddeutsche Zeitung (Germany), The Washington Post (United States), Haaretz (Israel), Aristegui Noticias, Proceso (Mexico), the Organized Crime and Corruption Reporting Project, Knack, Le Soir, The Wire,[198] Daraj,[199] Direkt36 (Hungary),[200] and Frontline.[201] Evidence was found that many phones with numbers in the list had been targets of Pegasus spyware.[11] [202] However, The CEO of NSO Group categorically claimed that the list in question is unrelated to them, the source of the allegations can't be verified as reliable one. "This is an attempt to build something on a crazy lack of information... There is something fundamentally wrong with this investigation".[203]

French intelligence (ANSSI) confirmed that Pegasus spyware had been found on the phones of three journalists, including a journalist of France 24, in what was the first time an independent and official authority corroborated the findings of the investigation.[204]

On 26 January 2022, the reports revealed that mobile phones of Lama Fakih, a US-Lebanese citizen and director of crisis and conflict at Human Rights Watch, were repeatedly hacked by a client of NSO Group at a time when she was investigating the 2020 Beirut explosion that killed more than 200 people.[205]

In July 2021, a joint investigation conducted by seventeen media organisations, revealed that Pegasus spyware was used to target and spy on heads of state, activists, journalists, and dissidents, enabling "human rights violations around the world on a massive scale". The investigation was launched after a leak of 50,000 phone numbers of potential surveillance targets. Amnesty International carried out forensic analysis of mobile phones of potential targets. The investigation identified 11 countries as NSO clients: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates. The investigation also revealed that journalists from multiple media organizations including Al Jazeera, CNN, the Financial Times, the Associated Press, The New York Times, The Wall Street Journal, Bloomberg News and Le Monde were targeted, and identified at least 180 journalists from 20 countries who were selected for targeting with NSO spyware between 2016 and June 2021.[206] [207]

Reactions

NSO Group response

Responding to August 2016 reports of a targeting of an Arab activist, NSO Group stated that they provide "authorized governments with technology that helps them combat terror and crime", although the Group told him that they had no knowledge of any incidents.[208]

Bug-bounty program skepticism

In the aftermath of the news, critics asserted that Apple's bug-bounty program, which rewards people for finding flaws in its software, might not have offered sufficient rewards to prevent exploits being sold on the black market, rather than being reported back to Apple. Russell Brandom of The Verge commented that the reward offered in Apple's bug-bounty program maxes out at $200,000, "just a fraction of the millions that are regularly spent for iOS exploits on the black market". He goes on to ask why Apple doesn't "spend its way out of security vulnerabilities?", but also writes that "as soon as [the Pegasus] vulnerabilities were reported, Apple patched them—but there are plenty of other bugs left. While spyware companies see an exploit purchase as a one-time payout for years of access, Apple's bounty has to be paid out every time a new vulnerability pops up."

Brandom also wrote; "The same researchers participating in Apple's bug bounty could make more money selling the same finds to an exploit broker." He concluded the article by writing; "It's hard to say how much damage might have been caused if Mansoor had clicked on the spyware link... The hope is that, when the next researcher finds the next bug, that thought matters more than the money."[209]

Complaints

WhatsApp

On 20 October 2019, Meta Platforms Inc.’s WhatsApp filed a lawsuit against Israel's NSO Group for exploiting a bug in its WhatsApp messaging app to install spyware (Pegasus) that allowed the surveillance of 1400 people in 20 countries, including journalists, human rights activists, political dissidents and diplomats.[210] WhatsApp said it was seeking a permanent demand to block NSO from using its service, and asked lawmakers to bar the use of cyberweapons like those NSO Group has sold to governments. On 9 January 2023, the Supreme Court of the United States denied the appeal of NSO of the lower court's decision to continue the lawsuit and allowed WhatsApp to pursue its lawsuit against Israel's NSO Group.[211]

Apple

On 23 November 2021, Apple announced that it has filed a lawsuit against Israeli cyber company NSO Group and its parent company OSY Technologies for allegedly surveillance and targeting iPhone users with its Pegasus spyware. Apple stated that contrary to NSO's claim of targeting terrorists and criminals, this spyware has also been used against activists, politicians, and journalists.[212] Apple's statement said the company is seeking a permanent injunction to bar NSO Group from using Apple's software, services, or devices to prevent further abuse and harm to users.[213]

See also

Further reading

External links

Notes and References

  1. News: Timberg . Craig . Albergotti . Reed . Guéguen . Elodie . Despite the hype, iPhone security no match for NSO spyware – International investigation finds 23 Apple devices that were successfully hacked . 19 July 2021 . . 19 July 2021 . July 19, 2021 . https://web.archive.org/web/20210719121837/https://www.washingtonpost.com/technology/2021/07/19/apple-iphone-nso/ . live .
  2. News: With Israel's Encouragement, NSO Sold Spyware to UAE and Other Gulf States. August 23, 2020. Haaretz. August 23, 2020. https://web.archive.org/web/20200823090408/https://www.haaretz.com/israel-news/.premium-with-israel-s-encouragement-nso-sold-spyware-to-uae-and-other-gulf-states-1.9093465. live.
  3. News: Sanger . David E. . Perlroth . Nicole . Swanson . Ana . Bergman . Ronen . 2021-11-03 . U.S. Blacklists Israeli Firm NSO Group Over Spyware . 2024-04-25 . The New York Times . en-US . 0362-4331.
  4. Triple Threat: NSO Group's Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains. 2023-07-15. citizenlab.ca. April 18, 2023. en. 2023-04-18. https://web.archive.org/web/20230418113018/https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/. live . Marczak . Bill . Scott-Railton . John . Razzak . Bahr Abdul . Deibert . Ron .
  5. News: Cox. Joseph. 12 May 2020. NSO Group Pitched Phone Hacking Tech to American Police. Vice. January 30, 2022. January 30, 2022. https://web.archive.org/web/20220130025302/https://www.vice.com/en/article/8899nz/nso-group-pitched-phone-hacking-tech-american-police. live.
  6. News: May I have a word about… Pegasus spyware . Bouquet . Jonathan . The Guardian . 19 May 2019 . July 18, 2021 . January 26, 2021 . https://web.archive.org/web/20210126091608/https://www.theguardian.com/theobserver/commentisfree/2019/may/19/may-i-have-a-word-about-pegasus-spyware . live .
  7. News: Pegasus Project: Apple iPhones compromised by NSO spyware. 19 Jul 2021. July 15, 2023. July 19, 2021 . https://web.archive.org/web/20210719143933/https://www.amnesty.org/en/latest/news/2021/07/pegasus-project-apple-iphones-compromised-by-nso-spyware/ . live. Amnesty International .
  8. News: Bergman . Ronen . Mazzetti . Mark . The Battle for the World's Most Powerful Cyberweapon . The New York Times . 28 January 2022 .
  9. Web site: Government Hackers Caught Using Unprecedented iPhone Spy Tool . . . August 26, 2016 . May 15, 2019 . Franceschi-Bicchierai, Lorenzo . September 3, 2020 . https://web.archive.org/web/20200903100656/https://www.vice.com/en_us/article/3da5qj/government-hackers-iphone-hacking-jailbreak-nso-group . live .
  10. Web site: 2021-07-18. What is Pegasus spyware and how does it hack phones?. 2021-07-19. The Guardian. en. July 19, 2021. https://web.archive.org/web/20210719225916/https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones. live.
  11. News: Revealed: leak uncovers global abuse of cyber-surveillance weapon . Kirchgaessner . Stephanie . Lewis . Paul . Pegg . David . Cutler . Sam . The Observer . July 18, 2021 . July 18, 2021 . July 19, 2021 . https://web.archive.org/web/20210719172826/http://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus . live .
  12. News: Lee. Dave. August 26, 2016. Who are the hackers who cracked the iPhone?. BBC News. June 21, 2018. July 19, 2018. https://web.archive.org/web/20180719183220/https://www.bbc.com/news/technology-37192670. live.
  13. Marczak. Bill. Scott-Railton. John. August 24, 2016. The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender. 2017-03-25. Citizen Lab. December 17, 2016. https://web.archive.org/web/20161217014412/https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/. live.
  14. Technical Analysis of Pegasus Spyware. Lookout. August 25, 2016. 2016-08-25. February 19, 2022. https://web.archive.org/web/20220219070611/https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf. live.
  15. Web site: Fox-Brewster. Thomas. August 25, 2016. Everything We Know About NSO Group: The Professional Spies Who Hacked iPhones With A Single Text. 2016-08-25. Forbes. August 26, 2016. https://web.archive.org/web/20160826205421/http://www.forbes.com/sites/thomasbrewster/2016/08/25/everything-we-know-about-nso-group-the-professional-spies-who-hacked-iphones-with-a-single-text/. live.
  16. News: Lee. Dave. August 26, 2016. Who are the hackers who cracked the iPhone?. BBC News. 2016-08-26. July 30, 2019. https://web.archive.org/web/20190730125305/https://www.bbc.co.uk/news/technology-37192670. live.
  17. News: Rodriguez. Rolando B.. Diaz. Juan Manuel. August 7, 2015. Abren sumario en caso Hacking Team. La Prensa (Panama City). 2016-08-25. March 28, 2019. https://web.archive.org/web/20190328231023/https://www.prensa.com/locales/Espiar-obsesion-Martinelli_0_4271572998.html. live.
  18. Web site: August 25, 2016. About the security content of iOS 9.3.5. 2016-08-25. Apple Inc.. September 25, 2019. https://web.archive.org/web/20190925094410/https://support.apple.com/en-us/HT207107. live.
  19. Web site: September 1, 2016. About the security content of Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite. 2016-09-01. Apple Inc.. September 25, 2019. https://web.archive.org/web/20190925094417/https://support.apple.com/en-us/HT207130. live.
  20. Web site: August 25, 2016. Sophisticated, persistent mobile attack against high-value targets on iOS. December 21, 2016. Lookout. December 17, 2016. https://web.archive.org/web/20161217041121/https://blog.lookout.com/blog/2016/08/25/trident-pegasus/. live.
  21. News: Kirkpatrick. David D.. David D. Kirkpatrick. Ahmed. Azam. August 31, 2018. Hacking a Prince, an Emir and a Journalist to Impress a Client. The New York Times. August 31, 2018. May 24, 2019. https://web.archive.org/web/20190524152209/https://www.nytimes.com/2018/08/31/world/middleeast/hacking-united-arab-emirates-nso-group.html. live.
  22. News: Perlroth. Nicole. September 2, 2016. How Spy Tech Firms Let Governments See Everything on a Smartphone. The New York Times. August 31, 2018. May 14, 2019. https://web.archive.org/web/20190514140743/https://www.nytimes.com/2016/09/03/technology/nso-group-how-spy-tech-firms-let-governments-see-everything-on-a-smartphone.html. live.
  23. News: August 31, 2018. Lawsuits claim Israeli spyware firm helped UAE regime hack opponents' phones. The Times of Israel. August 31, 2018. May 25, 2019. https://web.archive.org/web/20190525045542/https://www.timesofisrael.com/lawsuits-claim-israeli-spyware-firm-helped-uae-hack-opponents-phones/. live.
  24. Web site: El controversial pasado de Pegasus en Panamá | la Prensa Panamá. October 31, 2019. July 24, 2021. July 24, 2021. https://web.archive.org/web/20210724095855/https://www.prensa.com/impresa/panorama/controversial-pasado-Pegasus-Panama_0_5430956930.html. live.
  25. Web site: ¿Qué es el sistema Pegasus?. July 24, 2021. July 24, 2021. https://web.archive.org/web/20210724095857/https://www.laestrella.com.pa/nacional/191107/sistema-pegasus. live.
  26. Web site: NSO Group y su Pegasus, el software que metió en problemas judiciales a un expresidente panameño. July 19, 2021. July 24, 2021. July 24, 2021. https://web.archive.org/web/20210724100712/https://www.tvn-2.com/mundo/escandalo-internacional-Pegasus-judiciales-expresidente_0_5901909799.html. live.
  27. Web site: 'Martinelli pidió disco duro de Pegasus' | la Prensa Panamá. June 8, 2019. July 24, 2021. July 24, 2021. https://web.archive.org/web/20210724100711/https://www.prensa.com/impresa/panorama/Martinelli-pidio-disco-duro-Pegasus_0_5322967655.html. live.
  28. News: Boot. Max. December 5, 2018. An Israeli tech firm is selling spy software to dictators, betraying the country's ideals. The Washington Post. April 19, 2019. April 19, 2019. https://web.archive.org/web/20190419191309/https://www.washingtonpost.com/opinions/2018/12/05/israel-is-selling-spy-software-dictators-betraying-its-own-ideals/. live.
  29. News: December 21, 2020. Al Jazeera journalists 'hacked via NSO Group spyware'. en-GB. BBC News. March 10, 2021. March 9, 2021. https://web.archive.org/web/20210309075932/https://www.bbc.com/news/technology-55396843. live.
  30. Web site: Al Jazeera journalists hacked using Israeli firm's spyware. March 10, 2021. Al Jazeera. en. March 10, 2021. https://web.archive.org/web/20210310003419/https://www.aljazeera.com/news/2020/12/21/al-jazeera-journalists-hacked-by-spyware-sold-by-israeli-firm. live.
  31. News: Kirchgaessner . Stephanie . 2024-02-29 . Court orders maker of Pegasus spyware to hand over code to WhatsApp . 2024-04-08 . The Guardian . en-GB . 0261-3077.
  32. News: Nicole . Perlroth . IPhone Users Urged to Update Software After Security Flaws Are Found . . August 25, 2016 . December 21, 2016 . May 29, 2019 . https://web.archive.org/web/20190529100124/https://www.nytimes.com/2016/08/26/technology/apple-software-vulnerability-ios-patch.html . live .
  33. Thomas . Fox-Brewster . Everything We Know About NSO Group: The Professional Spies Who Hacked iPhones With A Single Text . . August 25, 2016 . December 21, 2016 . May 29, 2019 . https://web.archive.org/web/20190529000237/https://www.forbes.com/sites/thomasbrewster/2016/08/25/everything-we-know-about-nso-group-the-professional-spies-who-hacked-iphones-with-a-single-text/ . live .
  34. Web site: Rich. Cannings. Jason. Woloz. Neel. Mehta. Ken. Bodzak. Wentao. Chang. Megan. Ruthven. An investigation of Chrysaor Malware on Android. Android Developers Blog. en. January 30, 2022. January 30, 2022. https://web.archive.org/web/20220130095623/https://android-developers.googleblog.com/2017/04/an-investigation-of-chrysaor-malware-on.html. live.
  35. Web site: Pegasus: The ultimate spyware for iOS and Android. John. Snow. Kaspersky Daily. 17 August 2017. December 4, 2019. December 4, 2019. https://web.archive.org/web/20191204173115/https://www.kaspersky.com/blog/pegasus-spyware/14604/. live.
  36. Web site: 2021-07-18. What is Pegasus spyware and how does it hack phones?. 2022-02-01. the Guardian. en. July 19, 2021. https://web.archive.org/web/20210719225916/https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones. live.
  37. Web site: NSO Group Pitched Phone Hacking Tech to American Police. 2022-02-01. www.vice.com. May 12, 2020 . en. January 30, 2022. https://web.archive.org/web/20220130025302/https://www.vice.com/en/article/8899nz/nso-group-pitched-phone-hacking-tech-american-police. live.
  38. A Leak Details Apple's Secret Dirt on a Trusted Security Startup . 21 Nov 2022 . Lorenzo . Franceschi-Bicchierai . WIRED.
  39. Web site: Esser. Stefan. September 5, 2016. PEGASUS iOS Kernel Vulnerability Explained – Part 2. August 31, 2019. SektionEins GmbH. en. August 31, 2019. https://web.archive.org/web/20190831073755/https://www.sektioneins.de/en/blog/16-09-05-pegasus-ios-kernel-vulnerability-explained-part-2.html. live.
  40. Web site: Beer. Ian. Groß. Samuel. 2021-12-15. Project Zero: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution. 2021-12-16. Google Project Zero. December 16, 2021. https://web.archive.org/web/20211216121726/https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html. live.
  41. Web site: Forensic Methodology Report: How to catch NSO Group's Pegasus. 2021-07-19. www.amnesty.org. July 18, 2021. en. July 19, 2021. https://web.archive.org/web/20210719211831/https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/. live.
  42. Web site: 2024-01-16 . Kaspersky reveals new method to detect Pegasus spyware . 2024-01-30 . www.kaspersky.com . es.
  43. Web site: iShutdown scripts can help detect iOS spyware on your iPhone . 2024-01-30 . BleepingComputer . en-us.
  44. Web site: Pegasus Spyware and Citizen Surveillance: Here's What You Should Know . 2024-04-29 . CNET . en.
  45. News: The NSO File: A Complete (Updating) List of Individuals Targeted With Pegasus Spyware. en. Haaretz. 2022-01-31. January 31, 2022. https://web.archive.org/web/20220131043221/https://www.haaretz.com/israel-news/tech-news/MAGAZINE-nso-pegasus-spyware-file-complete-list-of-individuals-targeted-1.10549510. live.
  46. Web site: 2021-12-03. Rights groups urge EU to ban NSO over clients' use of Pegasus spyware. 2022-01-30. the Guardian. en. January 30, 2022. https://web.archive.org/web/20220130144156/https://www.theguardian.com/law/2021/dec/03/rights-groups-urge-eu-to-ban-nso-over-clients-use-of-pegasus-spyware. live.
  47. News: Հայաստանյան ընդդիմության ու իշխանության առանցքային դեմքեր լրտեսական ծրագրի թիրախում են հայտնվել. 2021-11-25. «Ազատ Եվրոպա/Ազատություն» ռադիոկայան. November 25, 2021 . hy. November 25, 2021. https://web.archive.org/web/20211125234919/https://www.azatutyun.am/a/31578699.html. live. Խուլյան . Արտակ .
  48. News: Apple NSO Group-u məhkəməyə verir. 2021-11-25. Azadlıq Radiosu. November 24, 2021 . az. November 25, 2021. https://web.archive.org/web/20211125234920/https://www.azadliq.org/a/apple-nso-group-mehkeme/31576406.html. live.
  49. News: "Ազատ Եվրոպա/Ազատություն" ռ/կ նախագահը դատապարտում է ադրբեջանական ծառայության լրագրողների լրտեսումը Pegasus ծրագրով. 2021-11-25. «Ազատ Եվրոպա/Ազատություն» ռադիոկայան. July 20, 2021 . hy. November 25, 2021. https://web.archive.org/web/20211125234920/https://www.azatutyun.am/a/31368091.html. live.
  50. Web site: From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits. 24 August 2021. The Citizen Lab. August 24, 2021. January 2, 2020. https://web.archive.org/web/20200102225119/https://citizenlab.ca/2021/08/bahrain-hacks-activists-with-nso-group-zero-click-iphone-exploits/. live.
  51. Web site: Phones of nine Bahraini activists found to have been hacked with NSO spyware. 24 August 2021. The Guardian. August 24, 2021. January 2, 2020. https://web.archive.org/web/20200102225119/https://www.theguardian.com/world/2021/aug/24/phones-of-nine-bahraini-activists-found-to-have-been-hacked-with-nso-spyware. live.
  52. Web site: Two female activists in Bahrain and Jordan hacked with NSO spyware. 17 January 2022. The Guardian. January 17, 2022. January 24, 2022. https://web.archive.org/web/20220124075133/https://www.theguardian.com/news/2022/jan/17/two-female-activists-in-bahrain-and-jordan-hacked-with-nso-spyware. live.
  53. Web site: Bahrain: Devices of three activists hacked with Pegasus spyware. 18 February 2022. Amnesty International. February 18, 2022. February 20, 2022. https://web.archive.org/web/20220220132650/https://www.amnesty.org/en/latest/news/2022/02/bahrain-devices-of-three-activists-hacked-with-pegasus-spyware/. live.
  54. News: No safe haven? The Bahraini dissident still menaced after gaining UK asylum. 6 December 2022. The Guardian. December 6, 2022 . Kirchgaessner . Stephanie .
  55. From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits. 24 August 2021. The Citizen Lab. August 24, 2021 . Marczak . Bill . Abdulemam . Ali . Al-Jizawi . Noura . Anstis . Siena . Berdan . Kristin . Scott-Railton . John . Deibert . Ron .
  56. News: Mazzetti . Mark . Bergman . Ronen . Defense Firm Said U.S. Spies Backed Its Bid for Pegasus Spyware Maker . The New York Times . 10 July 2022 .
  57. News: Pegasus discovered on journalist's phone in Dominican Republic . 9 May 2023 . Amnesty International . 2 May 2023 . en.
  58. News: Abi-Habib . Maria . Journalists in El Salvador Targeted With Spyware Intended for Criminals . The New York Times . 13 January 2022 .
  59. News: Bergman . Ronen . Mazzetti . Mark . Israel, Fearing Russian Reaction, Blocked Spyware for Ukraine and Estonia . The New York Times . 23 March 2022 .
  60. Web site: The million-dollar reporter How attackers hijacked the phone of Meduza co-founder Galina Timchenko, making her the first Russian journalist to be infected with Pegasus spyware . 2023-09-14 . Meduza . en.
  61. https://www.euronews.com/2022/01/28/finnish-diplomats-were-targeted-by-pegasus-spyware-says-foreign-ministry Finnish diplomats were targeted by Pegasus spyware, says foreign ministry
  62. Web site: 2022-01-30 . Finnish diplomats' phones hacked . 2024-06-12 . News . en.
  63. News: 2021-07-23 . Pegasus spyware: French President Macron changes phone after hack reports . en-GB . BBC News . 2022-05-19.
  64. News: 2023-02-18 . Pegasus case: complaints filed in France dismissed, Morocco appeals . fr-FR . RFI . 2023-07-23.
  65. News: German police secretly bought Pegasus spyware . Deutsche Welle . 7 September 2021 .
  66. Web site: Even in Europe, we are not safe A statement from Meduza editor-in-chief Ivan Kolpakov . 2024-02-29 . Meduza . en.
  67. Web site: Hacking Meduza: Pegasus spyware used to target Putin's critic . 2023-09-14 . Access Now . en-US.
  68. Pegasus Infection of Galina Timchenko, exiled Russian Journalist and Publisher . 2023-09-13 . Citizen Lab, University of Toronto.
  69. News: Hungary admits to using Pegasus spyware – DW – 11/04/2021 . Deutsche Welle . 11 April 2021 .
  70. News: Европрослушка: Как власти стран ЕС шпионят за оппозицией, прессой, бизнесом и коллегами из других государств . Eurowiretapping: How the authorities of the EU countries spy on the opposition, the press, business and colleagues from other states . ru . Компромат.Ru . 4 September 2023 . 14 September 2023 . 14 September 2023 . https://web.archive.org/web/20230914202557/https://www.compromat.ru/page_44602.htm.
  71. Web site: 2021-07-18. Viktor Orbán accused of using Pegasus to spy on journalists and critics. 2021-07-18. the Guardian. en. January 29, 2022. https://web.archive.org/web/20220129110913/https://www.theguardian.com/news/2021/jul/18/viktor-orban-using-nso-spyware-in-assault-on-media-data-suggests. live.
  72. Web site: 2021-07-18. Viktor Orbán accused of using Pegasus to spy on journalists and critics. 2022-01-30. the Guardian. en. January 29, 2022. https://web.archive.org/web/20220129110913/https://www.theguardian.com/news/2021/jul/18/viktor-orban-using-nso-spyware-in-assault-on-media-data-suggests. live.
  73. Web site: Hungarian official: Government bought, used Pegasus spyware . . November 4, 2021 . 2021-11-14 . https://web.archive.org/web/20211108041314/https://apnews.com/article/technology-europe-hungary-malware-spyware-ccacf6da9406d38f29f0472ba44800e0 . 2021-11-08 .
  74. Web site: Bhattacharya. Ananya. What is Pegasus and how did it target Indians on WhatsApp?. March 10, 2021. Quartz. October 31, 2019 . en. June 28, 2021. https://web.archive.org/web/20210628194309/https://qz.com/india/1739097/what-is-pegasus-and-how-did-it-target-indians-on-whatsapp/. live.
  75. Web site: November 19, 2019. Did Indian Govt Buy Pegasus Spyware? Home Ministry's Answer Is Worrying. March 10, 2021. HuffPost. en. November 1, 2020. https://web.archive.org/web/20201101015538/https://www.huffingtonpost.in/entry/did-indian-govt-buy-pegasus-spyware-home-ministry-answer-is-worrying_in_5dd3bbb1e4b082dae813a058. live.
  76. Web site: Indian Activists, Lawyers Were 'Targeted' Using Israeli Spyware Pegasus. March 10, 2021. The Wire. May 27, 2021. https://web.archive.org/web/20210527055057/https://thewire.in/tech/pegasus-spyware-bhima-koregaon-activists-warning-whatsapp. live.
  77. Web site: 2019-11-01. WhatsApp 'hack' is serious rights violation, say alleged victims. 2022-01-30. the Guardian. en. December 22, 2021. https://web.archive.org/web/20211222212038/https://www.theguardian.com/technology/2019/nov/01/whatsapp-hack-is-serious-rights-violation-say-alleged-victims. live.
  78. Web site: Phones Of Indian Politicians, Journalists Hacked Using Pegasus: 10 Facts On Report. 2021-07-19. NDTV. July 19, 2021. https://web.archive.org/web/20210719051833/https://www.ndtv.com/india-news/40-indian-journalists-targeted-by-pegasus-spyware-their-phones-hacked-report-2489415. live.
  79. News: Correspondent . Special . Pegasus spyware used to 'snoop' on Indian journalists, activists . The Hindu . 18 July 2021 . en-IN .
  80. Web site: 2021-07-19. Phones of 2 Ministers, 3 Opp leaders among many targeted for surveillance: report. 2021-07-19. The Indian Express. en. July 19, 2021. https://web.archive.org/web/20210719051833/https://indianexpress.com/article/india/project-pegasus-phones-of-2-ministers-3-opp-leaders-among-many-targeted-for-surveillance-report-7411027/. live.
  81. https://www.washingtonpost.com/world/2021/07/20/indian-activists-surveillance/ Indian activists jailed on terrorism charges were on list with surveillance targets
  82. Web site: Snoop List Has 40 Indian Journalists, Forensic Tests Confirm Presence of Pegasus Spyware on Some. 2021-07-21. thewire.in. July 21, 2021. https://web.archive.org/web/20210721102652/https://thewire.in/media/pegasus-project-spyware-indian-journalists. live.
  83. Web site: 2021-07-20. Eleven phones targeted: Of woman who accused ex-CJI of harassment, kin. 2021-07-21. The Indian Express. en. July 21, 2021. https://web.archive.org/web/20210721093715/https://indianexpress.com/article/cities/delhi/pegasus-project-eleven-phones-targeted-of-woman-who-accused-ex-cji-of-harassment-kin-7412678/. live.
  84. Web site: Days After Accusing CJI Gogoi of Sexual Harassment, Staffer Put on List of Potential Snoop Targets. 2021-07-21. thewire.in. July 21, 2021. https://web.archive.org/web/20210721093715/https://thewire.in/rights/ranjan-gogoi-sexual-harassment-pegasus-spyware. live.
  85. Web site: Leaked Snoop List Suggests Surveillance May Have Played Role in Toppling of Karnataka Govt in 2019. 2021-07-21. thewire.in. July 21, 2021. https://web.archive.org/web/20210721100155/https://thewire.in/politics/karnataka-government-toppling-pegasus-spyware-surveillance. live.
  86. News: Key Cong-JDS leaders were 'possible targets' of Pegasus spyware during 2019 crisis: report . The Hindu . 20 July 2021 . en-IN .
  87. News: 2023-12-28 . India targets Apple over its phone hacking notifications . 2023-12-29 . Washington Post . en.
  88. News: 2021-07-20 . Iraqi president on list for potential Pegasus surveillance – Washington Post . en . Reuters . 2022-05-19.
  89. Web site: Israel police uses NSO's Pegasus to spy on citizens. CalcalistTech. January 18, 2022. January 19, 2022. January 19, 2022. https://web.archive.org/web/20220119185100/https://www.calcalistech.com/ctech/articles/0,7340,L-3927410,00.html. live.
  90. Web site: Ganon. Tomer. 2022-01-18. Israel police uses NSO's Pegasus to spy on citizens. 2022-02-01. CTECH - www.calcalistech.com. January 19, 2022. https://web.archive.org/web/20220119185100/https://www.calcalistech.com/ctech/articles/0,7340,L-3927410,00.html. live.
  91. Web site: Cahane. Amir. January 27, 2022. Israeli Police: From Warrantless Cellphone Searches to Controversial Misuse of Spyware. Lawfare. February 3, 2022. July 31, 2023. https://web.archive.org/web/20230731064533/https://www.lawfaremedia.org/article/israeli-police-warrantless-cellphone-searches-controversial-misuse-spyware. live.
  92. https://www.timesofisrael.com/police-targeted-activist-with-nso-software-saved-info-on-his-sex-life-report/ "Police targeted activist with NSO software, saved info on his sex life — report."
  93. Web site: Bachner. Michael. Israel Police accused of using NSO spyware on civilians for years without oversight. 2022-02-01. www.timesofisrael.com. en-US. February 1, 2022. https://web.archive.org/web/20220201035621/https://www.timesofisrael.com/israel-police-accused-of-using-nso-spyware-on-civilians-for-years-without-oversight/. live.
  94. https://www.calcalist.co.il/calcalistech/article/b1ou00kitf "What does the Israeli Police really say when it denies the Calcalist investigation?"
  95. https://www.jpost.com/business-and-innovation/tech-and-start-ups/article-693943 "Gideon Sa'ar: Reports about NSO, police must be checked."
  96. https://www.ynet.co.il/news/article/b122whotf "'To form a Commission of inquiry to review the police and NSO affair. An internal probe will not be enough'"
  97. Web site: Attorney general opens investigation into police use of NSO spyware against Israelis . The Times of Israel . 2022-01-20 . February 3, 2022 . February 3, 2022 . https://web.archive.org/web/20220203045632/https://www.timesofisrael.com/attorney-general-opens-investigation-into-police-use-of-nso-spyware-against-israelis/ . live .
  98. https://www.gov.il/he/departments/units/privacy_protection_council
  99. https://www.ynet.co.il/news/article/sjxiisirf "The police zig-zags on the NSO affair: 'evidence was discovered that changes things'"
  100. https://www.timesofisrael.com/ministry-heads-netanyahu-associates-activists-said-targeted-by-police-with-spyware/ "Ministry heads, Netanyahu associates, activists said targeted by police with spyware."
  101. https://www.timesofisrael.com/police-minister-establishes-commission-to-probe-explosive-nso-spying-claims/ "Police minister establishes commission to probe explosive NSO spying claims."
  102. https://www.timesofisrael.com/ex-ministry-chiefs-demand-state-commission-to-probe-police-wiretap-allegations/ "Ex-ministry chiefs demand state commission to probe police wiretap claims."
  103. News: Srivastava . Mehul . 2023-09-08 . Apple issues emergency patch after Pegasus spyware breach . Financial Times . 2023-09-08.
  104. Web site: 2022-04-05 . Victim's iPhone hacked by Pegasus spyware weeks after Apple sued NSO . 2022-07-11 . the Guardian . en.
  105. Web site: 2022-01-17 . Two female activists in Bahrain and Jordan hacked with NSO spyware . 2022-07-11 . the Guardian . en.
  106. https://www.bbc.com/news/technology-57881364 Pegasus: Spyware sold to governments 'targets activists'
  107. https://eurasianet.org/kazakhstan-activists-tracked-by-pegasus-angered-but-not-surprised Kazakhstan: Activists tracked by Pegasus angered but not surprised
  108. Web site: Who's on the List? – The Pegasus Project. OCCRP. January 21, 2022. January 8, 2022. https://web.archive.org/web/20220108105206/https://cdn.occrp.org/projects/project-p/. live.
  109. Web site: 2021-12-09. Kazakhstan: Four activists' mobile devices infected with Pegasus Spyware. 2022-01-27. Amnesty International. en. January 27, 2022. https://web.archive.org/web/20220127114524/https://www.amnesty.org/en/latest/news/2021/12/kazakhstan-four-activists-mobile-devices-infected-with-pegasus-spyware/. live.
  110. News: Kirchgaessner . Stephanie . 2023-09-25 . Russian news outlet in Latvia believes European state behind phone hack . en-GB . The Guardian . 2023-09-25 . 0261-3077.
  111. News: Kitroeff . Natalie . Bergman . Ronen . 2023-04-18 . How Mexico Became the Biggest User of the World's Most Notorious Spy Tool . en-US . The New York Times . 2023-09-14 . 0362-4331.
  112. News: Pegasus spyware: Mexico one of the biggest targets – DW – 07/22/2021 . Deutsche Welle . 22 July 2021 .
  113. News: Bergman, Ronen. Bergman, Ronen. January 10, 2019. Exclusive: How Mexican drug baron El Chapo was brought down by technology made in Israel. en. Ynetnews. Ynet. May 15, 2019. July 25, 2019. https://web.archive.org/web/20190725160412/https://www.ynetnews.com/articles/0,7340,L-5444330,00.html. live.
  114. News: Bergman, Ronen. January 11, 2019. Weaving a cyber web. en. Ynetnews. May 15, 2019. July 27, 2019. https://web.archive.org/web/20190727003214/https://www.ynetnews.com/articles/0,7340,L-5444998,00.html. live.
  115. News: Spying by Mexico's Armed Forces Brings Fears of a 'Military State' . The New York Times . March 7, 2023 . Kitroeff . Natalie . Bergman . Ronen .
  116. News: He Was Investigating Mexico's Military. Then the Spying Began. . The New York Times . May 22, 2023 . Kitroeff . Natalie . Bergman . Ronen .
  117. Scott-Railton. John. Marczak. Bill. Guarnieri. Claudio. Crete-Nishihata. Masashi. February 11, 2017. Bitter Sweet: Supporters of Mexico's Soda Tax Targeted With NSO Exploit Links. 2017-03-25. Citizen Lab. May 31, 2019. https://web.archive.org/web/20190531191658/https://citizenlab.org/2017/02/bittersweet-nso-mexico-spyware/. live.
  118. 2017-02-11. Bitter Sweet: Supporters of Mexico's Soda Tax Targeted With NSO Exploit Links. 2019-06-14. The Citizen Lab. en-US. May 31, 2019. https://web.archive.org/web/20190531191658/https://citizenlab.org/2017/02/bittersweet-nso-mexico-spyware/. live. Scott-Railton . John . Marczak . Bill . Guarnieri . Claudio . Crete-Nishihata . Masashi .
  119. News: Ahmed . Azam . Spyware in Mexico Targeted Investigators Seeking Students . The New York Times . 10 July 2017 .
  120. News: Why Did a Drug Gang Kill 43 Students? Text Messages Hold Clues. . The New York Times . September 2, 2023 . 2 September 2023 . Kitroeff . Natalie . Bergman . Ronen .
  121. Web site: 2021-07-18. Revealed: murdered journalist's number selected by Mexican NSO client. 2022-01-30. the Guardian. en. July 19, 2021. https://web.archive.org/web/20210719112007/https://www.theguardian.com/news/2021/jul/18/revealed-murdered-journalist-number-selected-mexico-nso-client-cecilio-pineda-birto. live.
  122. Web site: Patrucic . Pete Jones, Vyacheslav Abramov, and Miranda . World Leaders on Pegasus List Include France's President Macron, Morocco's King Mohammed, Kazakhstan's President . 2022-05-19 . OCCRP . en.
  123. Web site: December 7, 2020. 'It's a free-for-all': how hi-tech spyware ends up in the hands of Mexico's cartels. TheGuardian.com. January 30, 2022. February 24, 2022. https://web.archive.org/web/20220224014534/https://www.theguardian.com/world/2020/dec/07/mexico-cartels-drugs-spying-corruption. live.
  124. Web site: 2019-03-20. Report: Slain Mexican journalist's widow targeted by spyware. 2022-01-30. AP NEWS. en. January 30, 2022. https://web.archive.org/web/20220130150840/https://apnews.com/article/96ac1993609b4e9d9bbfd3cae60e5153. live.
  125. Web site: Kirchgaessner. Stephanie. 21 June 2020. Israeli spyware used to target Moroccan journalist, Amnesty claims. live. https://web.archive.org/web/20200730195225/https://www.theguardian.com/technology/2020/jun/21/journalist-says-he-was-targeted-by-spyware-from-firm-despite-its-human-rights-policy. 30 July 2020. 21 June 2020. The Guardian.
  126. Web site: Cheref. Abdelkader. 2021-07-29. Is Morocco's cyber espionage the last straw for Algeria?. 2021-09-18. en. October 1, 2021. https://web.archive.org/web/20211001195011/https://english.alaraby.co.uk/analysis/moroccos-cyber-espionage-last-straw-algeria. live.
  127. Web site: Pegasus: From its own king to Algeria, the infinite reach of Morocco's intelligence services. 2021-09-18. Middle East Eye. en. September 18, 2021. https://web.archive.org/web/20210918150858/https://www.middleeasteye.net/news/pegasus-morocco-king-macron-targeted-intelligence-reach. live.
  128. News: Ahmed . Hamid Ould . 2021-08-25 . Algeria cuts diplomatic relations with Morocco . en . Reuters . 2022-05-19.
  129. News: AIVD gebruikt omstreden Israëlische hacksoftware, ook voor hacken Ridouan Taghi . AIVD uses controversial Israeli hacking software, also for hacking Ridouan Taghi . NOS Nieuws . 2 June 2022 . nl .
  130. News: Kirchgaessner . Stephanie . Safi . Michael . November 8, 2021 . Palestinian activists' mobile phones hacked using NSO spyware, says report . en-UK . The Guardian . November 8, 2021 . November 8, 2021 . https://web.archive.org/web/20211108103551/https://www.theguardian.com/world/2021/nov/08/palestinian-activists-mobile-phones-hacked-by-nso-says-report . live .
  131. Web site: Bartkiewicz. Artur. 2022-01-03. "Gazeta Wyborcza": Jak kupowano Pegasusa dla CBA. "Gazeta Wyborcza": How Pegasus Was Bought for the CBA. 2022-01-06. Rzeczpospolita. pl. January 7, 2022. https://web.archive.org/web/20220107180407/https://www.rp.pl/polityka/art19250101-gazeta-wyborcza-jak-kupowano-pegasusa-dla-cba. live.
  132. Web site: Poland admits purchase of Israeli NSO spyware. Independent. January 7, 2022. 8 January 2022. January 10, 2022. https://web.archive.org/web/20220110074212/https://www.independent.co.uk/news/world/europe/poland-israel-nso-spyware-pegasus-b1988603.html. live.
  133. Web site: 2024-04-24 . Poland's prosecutor general says previous government used spyware against hundreds of people . 2024-04-29 . AP News . en.
  134. Web site: 2021-12-20. AP Exclusive: Polish opposition duo hacked with NSO spyware. 2022-01-06. AP NEWS. en. January 6, 2022. https://web.archive.org/web/20220106230921/https://apnews.com/article/technology-business-poland-hacking-warsaw-8b52e16d1af60f9c324cf9f5099b687e. live.
  135. Web site: Brejza inwigilowany Pegasusem. "PiS posłużył się podłymi metodami". 2022-01-06. RMF FM. pl. January 6, 2022. https://web.archive.org/web/20220106215510/https://www.rmf24.pl/polityka/news-brejza-inwigilowany-pegasusem-pis-posluzyl-sie-podlymi-metod,nId,5728185. live.
  136. Web site: 2022-01-06. Rights group verifies Polish senator was hacked with spyware. 2022-01-06. AP NEWS. en. January 6, 2022. https://web.archive.org/web/20220106215507/https://apnews.com/article/technology-business-canada-elections-europe-908b0dea290ca6be1894b89f784eac60. live.
  137. Web site: 2021-12-23. AP Exclusive: Polish opposition senator hacked with spyware. 2022-01-06. AP NEWS. en. January 7, 2022. https://web.archive.org/web/20220107143919/https://apnews.com/article/technology-business-middle-east-elections-europe-c16b2b811e482db8fbc0bbc37c00c5ab. live.
  138. Web site: 2022-01-05. 'Polish Watergate': Warsaw accused of using Pegasus to spy on rivals. 2022-01-06. euronews. en. January 6, 2022. https://web.archive.org/web/20220106215509/https://www.euronews.com/2022/01/05/polish-watergate-tensions-grow-as-polish-government-pushed-to-investigate-spyware-claims. live.
  139. Web site: Senacka komisja ds. Pegasusa rozpoczęła prace. Pierwszymi świadkami będą eksperci z Citizen Lab . . January 13, 2022 . 2022-01-25. pl. January 25, 2022. https://web.archive.org/web/20220125222441/https://www.polsatnews.pl/wiadomosc/2022-01-13/senacka-komisja-ds-pegasusa-rozpoczela-prace-pierwszymi-swiadkami-beda-eksperci-z-citizen-lab/. live.
  140. Web site: Citizen Lab: Kolejnych dwóch Polaków szpiegowanych Pegasusem. 2022-01-25. Rzeczpospolita. pl. January 25, 2022. https://web.archive.org/web/20220125222438/https://www.rp.pl/polityka/art19323941-citizen-lab-kolejnych-dwoch-polakow-szpiegowanych-pegasusem. live.
  141. Web site: Citizen Lab: Dwie kolejne osoby inwigilowane Pegasusem. 2022-01-25. www.rmf24.pl. pl. January 25, 2022. https://web.archive.org/web/20220125222441/https://www.rmf24.pl/polityka/news-citizen-lab-dwie-kolejne-osoby-inwigilowane-pegasusem,nId,5791760. live.
  142. Web site: Wroński. Paweł. Tynkowski. Marcin. 2022-02-07. Cyberatak na Najwyższą Izbę Kontroli. "Mamy podejrzenie włamania Pegasusem na trzy telefony". Cyber attack on the Supreme Audit Office. "We have a suspicion of a Pegasus hacking on three phones". 2022-02-08. Gazeta Wyborcza. pl. February 8, 2022. https://web.archive.org/web/20220208191906/https://wyborcza.pl/7,75398,28081346,cyberatak-na-najwyzsza-izbe-kontroli-dzis-poznamy-szczegoly.html?disableRedirects=true. live.
  143. Web site: 18 January 2024 . Lower house sets up investigative commission on Pegasus spyware . Polish Press Agency.
  144. Web site: Scislowska . Monika . 14 March 2024 . Former prime minister Kaczyński says Poland needed spyware but he wasn't interested in the details . . en.
  145. Web site: WhatsApp spyware attack: senior clergymen in Togo among activists targeted. August 3, 2020. the Guardian. April 18, 2022. April 6, 2022. https://web.archive.org/web/20220406195432/https://www.theguardian.com/technology/2020/aug/03/senior-clergymen-among-activists-targeted-by-spyware. live.
  146. News: Kirchgaessner . Stephanie . 2021-07-19 . Hotel Rwanda activist's daughter placed under Pegasus surveillance . en-GB . The Guardian . 2023-03-20 . 0261-3077.
  147. News: Kirchgaessner . Stephanie . Taylor . Diane . 2022-07-18 . Nephew of jailed Hotel Rwanda dissident hacked by NSO spyware . en-GB . The Guardian . 2023-03-20 . 0261-3077.
  148. News: Report accuses Saudi Arabia, UAE of probably hacking phones of over three dozen journalists in London, Qatar. The Washington Post. 20 December 2020. December 18, 2021. https://web.archive.org/web/20211218000249/https://www.washingtonpost.com/world/2020/12/20/saudi-arabia-uae-behind-phone-hacks-more-than-three-dozen-journalists-london-qatar-report-finds/. live.
  149. December 20, 2020. The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage 'Zero-Click' Exploit. 20 December 2020. The Citizen Lab. January 30, 2022. https://web.archive.org/web/20220130095636/https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/. live. Marczak . Bill . Scott-Railton . John . Al-Jizawi . Noura . Anstis . Siena . Deibert . Ron .
  150. News: Benner . Katie . Mazzetti . Mark . Hubbard . Ben . Isaac . Mike . Saudis' Image Makers: A Troll Army and a Twitter Insider . The New York Times . 20 October 2018 .
  151. News: October 1, 2018. The Kingdom Came to Canada – How Saudi-Linked Digital Espionage Reached Canadian Soil. The Citizen Lab. Toronto. November 8, 2019. November 8, 2018. https://web.archive.org/web/20181108025746/https://citizenlab.ca/2018/10/the-kingdom-came-to-canada-how-saudi-linked-digital-espionage-reached-canadian-soil/. live.
  152. News: Satter. Raphael. January 25, 2019. APNewsBreak: Undercover agents target cybersecurity watchdog. The Seattle Times via AP News. New York. January 26, 2019. January 26, 2019. https://web.archive.org/web/20190126093140/https://www.seattletimes.com/business/apnewsbreak-undercover-agents-target-cybersecurity-watchdog-2/. live. Updated January 26
  153. News: Israeli Software Helped Saudis Spy on Khashoggi, Lawsuit Says. The New York Times . December 2, 2018 . en. 2018-12-03. December 3, 2018. https://web.archive.org/web/20181203152403/https://www.nytimes.com/2018/12/02/world/middleeast/saudi-khashoggi-spyware-israel.html?action=click&module=Top%20Stories&pgtype=Homepage. live. Kirkpatrick . David D. .
  154. Web site: Falconer. Rebecca. 2019-03-24. Israeli firm won't say if it sold Saudis spyware linked to Khashoggi killing. 2019-11-09. Axios. en. March 25, 2019. https://web.archive.org/web/20190325063830/https://www.axios.com/hacking-firm-nso-saudi-sale-no-comment-khashoggi-b0d4f4d1-9218-4614-b1f1-03495f8be67f.html. live.
  155. Web site: Saudis behind NSO spyware attack on Jamal Khashoggi's family, leak suggests. TheGuardian.com. July 18, 2021. March 21, 2022. March 21, 2022. https://web.archive.org/web/20220321043335/https://www.theguardian.com/world/2021/jul/18/nso-spyware-used-to-target-family-of-jamal-khashoggi-leaked-data-shows-saudis-pegasus. live.
  156. Web site: Jamal Khashoggi's wife to sue NSO Group over Pegasus spyware. 22 September 2022. The Guardian. September 22, 2022 .
  157. If Saudi Arabia did hack Jeff Bezos, this is probably how it went down . https://archive.today/20210720134138/https://www.wired.co.uk/article/jeff-bezos-phone-hack-mbs-saudi-arabia . 20 July 2021 . 23 Jan 2020 . Wired UK . Burgess . Matt.
  158. Web site: Forensic report reveals Israeli spyware Pegasus behind Jeff Bezos's phone hack . 23 Jan 2020 . https://archive.today/20210720134147/https://timesofindia.indiatimes.com/gadgets-news/un-report-reveals-israeli-spyware-pegasus-behind-jeff-bezoss-phone-hack/articleshow/73540927.cms . 20 July 2021 . Sarkar . Debashis . Times of India .
  159. Web site: New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts. 24 October 2021. The Citizen Lab. October 24, 2021. January 2, 2020. https://web.archive.org/web/20200102225119/https://citizenlab.ca/2021/10/breaking-news-new-york-times-journalist-ben-hubbard-pegasus/. live.
  160. News: I Was Hacked. The Spyware Used Against Me Makes Us All Vulnerable.. 24 October 2021. The New York Times. October 24, 2021. Hubbard. Ben. October 31, 2021. https://web.archive.org/web/20211031175134/https://www.nytimes.com/2021/10/24/insider/hacking-nso-surveillance.html. live.
  161. https://citizenlab.ca/2018/10/the-kingdom-came-to-canada-how-saudi-linked-digital-espionage-reached-canadian-soil/ The Kingdom Came to Canada; How Saudi-Linked Digital Espionage Reached Canadian Soil
  162. Web site: British judge rules dissident can sue Saudi Arabia for Pegasus hacking. 19 August 2022. The Guardian. August 19, 2022 .
  163. News: Kirchgaessner. Stephanie. Jones. Sam. July 13, 2020. Phone of top Catalan politician 'targeted by government-grade spyware'. The Guardian. January 30, 2022. February 18, 2021. https://web.archive.org/web/20210218164804/https://www.theguardian.com/world/2020/jul/13/phone-of-top-catalan-politician-targeted-by-government-grade-spyware. live.
  164. Web site: Aduriz . Iñigo . 2022-04-19 . Unidas Podemos pide a Robles y Marlaska que investiguen el espionaje a dirigentes independentistas: "Tienen que rodar cabezas" . 2022-04-23 . ElDiario.es . es.
  165. 2022-04-18 . CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru . 2022-04-26 . The Citizen Lab . en-US. Scott-Railton . John . Campo . Elies . Marczak . Bill . Razzak . Bahr Abdul . Anstis . Siena . Böcü . Gözde . Solimano . Salvatore . Deibert . Ron .
  166. Web site: 2022-04-19 . Hauek dira Pegasus eta Candiru programekin ustez espiatu dituzten independentistak . 2022-04-23 . EITB . eu.
  167. News: Pegasus spyware strikes again in Europe . 5 May 2022 . Orla . Barry . The World.
  168. Web site: 2 May 2022 . Spanish prime minister's mobile phone infected by Pegasus spyware, government says . .
  169. Web site: 2 May 2022 . El Gobierno asegura que los móviles de Sánchez y Robles fueron espiados con Pegasus . 2 May 2022 . Vozpopuli . es.
  170. News: Pegasus phone spyware used to target 30 Thai activists, cyber watchdogs say . Reuters . 18 July 2022 .
  171. News: Safi . Michael . 2021-07-22 . Dalai Lama's inner circle listed in Pegasus project data . en-GB . The Guardian . 2023-03-20 . 0261-3077.
  172. Web site: The secret Uganda deal that has brought NSO to the brink of collapse . Srivastava . Mmehul . 22 December 2021 . ArsTechnica . 21 December 2021 . December 28, 2021 . https://web.archive.org/web/20211228001545/https://arstechnica.com/features/2021/12/the-secret-uganda-deal-that-has-brought-nso-to-the-brink-of-collapse/ . live .
  173. Web site: Doha, like Abu Dhabi, also hooked on Israeli technology. August 26, 2020. 26 August 2020. Intelligence Online .
  174. Web site: UAE targeted Yemen officials with Israeli Pegasus spyware: report. August 4, 2021. 4 August 2021. Daily Sabah. August 6, 2021. https://web.archive.org/web/20210806071212/https://www.dailysabah.com/world/mid-east/uae-targeted-yemen-officials-with-israeli-pegasus-spyware-report. live.
  175. News: Appendix e – Pegasus Forensic Traces per Target Identified in the Aftermath of the Pegasus Project Revelations . August 6, 2021 .
  176. News: Princess Latifa campaigner had 'phone compromised by Pegasus spyware' . August 2, 2021 .
  177. News: THE PEGASUS PROJECT A GLOBAL INVESTIGATION Human rights acitivist and close ally of detained Dubai princess had phone hacked by NSO spyware, forensic test finds. The Washington Post.
  178. Web site: New evidence suggests spyware used to surveil Emirati activist Alaa Al-Siddiq. 24 September 2021. The Guardian. September 24, 2021. September 27, 2021. https://web.archive.org/web/20210927033519/https://www.theguardian.com/world/2021/sep/24/new-evidence-suggests-spyware-used-to-surveil-emirati-activist-alaa-al-siddiq. live.
  179. News: Gardner. Frank. Frank Gardner (journalist). 6 October 2021. Princess Haya: Dubai ruler had ex-wife's phone hacked – UK court. live. BBC News. https://archive.today/20211006163200/https://www.bbc.com/news/world-middle-east-58814978. 6 October 2021. 6 October 2021.
  180. Web site: Pegasus spyware maker ends contract with UAE after UK high court's hacking ruling. CNN. 7 October 2021. 7 October 2021. October 13, 2021. https://web.archive.org/web/20211013092904/https://edition.cnn.com/2021/10/07/middleeast/pegasus-uae-hacking-intl/index.html. live.
  181. News: Abu Dhabi state funds were used to buy Israeli spyware group NSO. 1 April 2022. The Financial Times. April 2022. Wiggins. Kaye. April 5, 2022. https://web.archive.org/web/20220405022231/https://www.ft.com/content/09a289f1-1670-4b18-9ee2-5d9081e1773d. live.
  182. News: UAE linked to Downing Street spyware attack that may have compromised Boris Johnson's phone. 18 April 2022. The Telegraph. April 18, 2022 . Boycott-Owen . Mason .
  183. News: UAE tried to 'influence' Tory ministers to 'mislead' the public, sacked embassy guard says in court papers. 23 April 2022. The Telegraph. April 23, 2022 . Bird . Steve .
  184. News: No 10 suspected of being target of NSO spyware attack, Boris Johnson 'told' . Kirchgaessner . Stephanie . The Guardian . 18 April 2022 . 19 April 2022.
  185. Web site: The DEA Didn't Buy Malware From Israel's Controversial NSO Group Because It Was Too Expensive. 2022-02-01. www.vice.com. September 11, 2019 . en. February 1, 2022. https://web.archive.org/web/20220201025518/https://www.vice.com/en/article/3kxk9j/dea-didnt-buy-malware-nso-group-too-expensive. live.
  186. News: Key question for Americans overseas: Can their phones be hacked? . .
  187. News: Bing . Christopher . Menn . Joseph . U.S. State Department phones hacked with Israeli company spyware – sources . 4 December 2021 . Reuters . 3 December 2021 . en . December 4, 2021 . https://web.archive.org/web/20211204035937/https://www.reuters.com/technology/exclusive-us-state-department-phones-hacked-with-israeli-company-spyware-sources-2021-12-03/ . live .
  188. Web site: 2021-12-03 . AP Source: NSO Group spyware used to hack State employees . live . https://web.archive.org/web/20220201033915/https://apnews.com/article/technology-business-middle-east-israel-hacking-290f990cc1b6aa8fd870ecd540e12664 . February 1, 2022 . 2022-02-01 . AP NEWS . en.
  189. Web site: Toosi . Nahal . Biden's balancing act in the Middle East has a problem: Israel . POLITICO . 5 December 2021 . en . 19 November 2021 . December 5, 2021 . https://web.archive.org/web/20211205142629/https://www.politico.com/news/2021/11/19/biden-middle-east-israel-523053 . live .
  190. News: Levenson . Michael . F.B.I. Secretly Bought Israeli Spyware and Explored Hacking U.S. Phones . The New York Times . 28 January 2022 .
  191. Web site: The FBI Reportedly Considered Buying Spyware That Could Hack Any Phone in the U.S.. 2022-01-31. Gizmodo. January 28, 2022 . en-us. January 31, 2022. https://web.archive.org/web/20220131000234/https://gizmodo.com/fbi-nso-phantom-spyware-hack-americans-phones-1848440576. live.
  192. News: Mazzetti . Mark . Bergman . Ronen . F.B.I. Told Israel It Wanted Pegasus Hacking Tool for Investigations . The New York Times . 12 May 2022 .
  193. News: Mazzetti . Mark . Bergman . Ronen . Internal Documents Show How Close the F.B.I. Came to Deploying Spyware . The New York Times . 12 November 2022 .
  194. Web site: House . The White . 2023-03-27 . FACT SHEET: President Biden Signs Executive Order to Prohibit U.S. Government Use of Commercial Spyware that Poses Risks to National Security . 2023-12-29 . The White House . en-US.
  195. News: Starks . Tim . 2023-03-28 . Analysis Biden's spyware executive order gets mostly good reviews . en-US . Washington Post . 2023-12-29 . 0190-8286.
  196. Web site: UN-backed investigator into possible Yemen war crimes targeted by spyware. The Guardian. December 20, 2021. 20 December 2021. January 30, 2022. https://web.archive.org/web/20220130042924/https://www.theguardian.com/world/2021/dec/20/un-backed-investigator-into-possible-yemen-war-crimes-targeted-by-spyware. live.
  197. News: Satter . Raphael . Bing . Christopher . 11 April 2022 . Senior EU officials were targeted with Israeli spyware . Reuters . subscription . 13 April 2022 . April 13, 2022 . https://web.archive.org/web/20220413202014/https://www.reuters.com/technology/exclusive-senior-eu-officials-were-targeted-with-israeli-spyware-sources-2022-04-11/ . live .
  198. Web site: BJP Fields State Leaders to Tackle Pegasus Allegations, Uses 'International Conspiracy' Bogey. 2021-07-21. The Wire. July 21, 2021. https://web.archive.org/web/20210721093804/https://thewire.in/politics/pegasus-spyware-india-bjp-defence. live.
  199. Web site: Israel Helped Over Ten Countries Tap Over 50,000 Phones . Daraj . 18 July 2021 . July 19, 2021 . July 19, 2021 . https://web.archive.org/web/20210719120830/https://daraj.com/en/76189/ . live .
  200. Web site: Direkt36 . 19 July 2021 . hu . July 18, 2021 . https://web.archive.org/web/20210718211853/https://www.direkt36.hu/en/ . live .
  201. Web site: About The Pegasus Project. 2021-07-19. Forbidden Stories. July 18, 2021 . en. July 19, 2021. https://web.archive.org/web/20210719130033/https://forbiddenstories.org/about-the-pegasus-project/. live.
  202. Web site: THE PEGASUS PROJECT Live Blog: Major Stories from Partners. 2021-07-21. FRONTLINE. en-US. July 21, 2021. https://web.archive.org/web/20210721094001/https://www.pbs.org/wgbh/frontline/article/the-pegasus-project-live-blog-major-stories-from-partners/. live.
  203. Web site: NSO CEO exclusively responds to allegations: "The list of 50,000 phone numbers has nothing to do with us" Ctech. 2021-07-21. m.calcalistech.com. July 20, 2021. https://web.archive.org/web/20210720223235/https://m.calcalistech.com/Article.aspx?guid=3912882. live.
  204. News: Pegasus spyware found on journalists' phones, French intelligence confirms . the Guardian . 2 August 2021 . en . August 2, 2021 . August 2, 2021 . https://web.archive.org/web/20210802160522/https://www.theguardian.com/news/2021/aug/02/pegasus-spyware-found-on-journalists-phones-french-intelligence-confirms . live .
  205. Web site: Top Human Rights Watch investigator allegedly hacked with Pegasus spyware. 26 January 2022. The Guardian. January 26, 2022. January 26, 2022. https://web.archive.org/web/20220126075305/https://www.theguardian.com/news/2022/jan/26/human-rights-watch-investigator-allegedly-hacked-with-pegasus-spyware-. live.
  206. Web site: July 18, 2021. Massive data leak reveals Israeli NSO Group's spyware used to target activists, journalists, and political leaders globally. Amnesty International. July 18, 2021. July 18, 2021. https://web.archive.org/web/20210718182723/https://www.amnesty.org/en/latest/news/2021/07/the-pegasus-project/. live.
  207. News: Priest. Dana. Timberg. Craig. Mekhennet. Souad. Private Israeli spyware used to hack cellphones of journalists, activists worldwide. en. The Washington Post. 2021-07-20. January 2, 2020. https://web.archive.org/web/20200102225119/https://www.washingtonpost.com/investigations/interactive/2021/nso-spyware-pegasus-cellphones/. live.
  208. News: Dan . Tynan . Apple issues global iOS update after attempt to use spyware on activist's iPhone . . August 25, 2016 . December 21, 2016 . April 18, 2019 . https://web.archive.org/web/20190418094039/https://www.theguardian.com/technology/2016/aug/25/apple-ios-update-arab-activists-iphone-spyware . live .
  209. Web site: Russell . Brandom . Why can't Apple spend its way out of security vulnerabilities? . . August 26, 2016 . December 21, 2016 . December 21, 2016 . https://web.archive.org/web/20161221151523/http://www.theverge.com/2016/8/26/12660800/apple-ios-security-bug-bounty-payouts . live .
  210. Web site: WhatsApp sues Israeli firm over phone hacking claims . BBC . 30 October 2019.
  211. Web site: US supreme court lets WhatsApp pursue Pegasus spyware lawsuit . The Guardian . 9 January 2023.
  212. Web site: Mehrotra and Scigliuzzo and Turton . Kartikay and Davide and William . Apple fixes flaw exploited by Israeli firm's Pegasus spyware . Al Jazeera . 13 September 2021.
  213. Web site: Nellis . Stephen . Apple files lawsuit against NSO Group, saying U.S. citizens were targets . Reuters . 24 November 2021.