Thursday, Amnesty International New report released The attacks were allegedly carried out in detail on two Serbian journalists, allegedly with NSO Groupspyware Pegasus.
According to the nonprofit, the two journalists working for the Serbian-based Balkan Investigative Reporting Network (BIRN) received suspicious text messages, including links – basically phishing attacks. In one case, Amnesty International said its researchers were able to click the link in a secure environment and found that it led to the field they had previously identified as the NSO Group infrastructure.
“Amnesty International has spent years tracking the NSO group Pegasus spyware and how it can be used to target activists and journalists,” Donnchaó Cearbhaill, head of Amnesty International’s security laboratory, told TechCrunch. “This technical study has enabled Amnesty to identify malicious websites used to provide Pegasus spyware, including the specific Pegasus domains used in the event.”
For his point of view, researchers who have kept labeled for NSO activities for years are now very good at finding signs of companies Spyware Sometimes, what all researchers have to do is quickly view the areas involved in the attack.
In other words, NSO Group and its clients are losing the struggle to stay in the shadow.
“There is a fundamental problem for NSOs: They are not as good at hiding as customers think they are.” John Scott-Railton, a senior researcher at Citizen Lab, a human rights group, told TechCrunch, who investigated spyware abuse.
There is evidence of what ÓCearbhaill and Scott-Railton believe.
In 2016, Citizen Laboratory The first technical report was released Attacks with Pegasus were recorded against dissidents in the United Arab Emirates. Since then, in less than 10 years, researchers have identified targets of at least 130 people worldwide or hacked into the NSO group’s spyware, According to the count of runs Security researchers Runa Sandvik.
The huge victims and targets can be partially explained Pegasus ProjectThis is a collective news initiative to investigate the abuse of NSO Group spyware, which is based on a list of more than 50,000 leaked phone numbers that have been reportedly entered into the NSO Group target system.
But there are dozens of victims, amnesty, citizen labs and access, another nonprofit that helps protect civil society from spyware attacks, and that doesn’t rely on a leaked list of phone numbers.
Contact Us
Do you have more information about NSO Grop or other spyware companies? With non-working devices and networks, you can contact Lorenzo Franceschi-bicchierai in a signal of +1 917 257 1382 or via Telegram and Keybase @lorenzofb or e-mail. You can also Security.
A NSO Group spokesperson did not respond to a request for comment, including questions about Pegasus’ stealth or lack of awareness and whether NSO Group customers were concerned about it.
Unless nonprofits, NSO Group’s spyware is constantly caught by Apple send notify To the victims of spyware around the world, often prompting people who receive these notifications Get help with access nowAmnesty and Citizen Laboratory. These findings have led to more technical reports documenting spyware attacks using Pegasus and spyware carried out by other companies.
Perhaps the problem with the NSO group is that it is sold to countries with unbreakable spyware, including journalists and other members of civil society.
“The OPSEC mistakes made by the NSO Group here are continuing to be sold to countries that will continue to target journalists and ultimately expose themselves,” Cearbhaill uses technical terms Operational safety.
