A fresh investigation by security researchers reveals that Pegasus malware targeted at least seven EU journalists and activists critical of the Kremlin and its supporters.
The cyberattacks targeted journalists and activists in the EU, who are from Russia, Belarus, Latvia, and Israel, as reported by The Guardian. They received threat notifications on their iPhones from Apple.
Israel's NSO Group developed Pegasus, a powerful cyberweapon sold to governments to fight crime. Researchers have found multiple incidents of political spying using the malware, notably against journalists and opposition politicians.
Access Now, the Munk School Citizen Lab, and Nikolai Kvantaliani conducted the latest investigation on the Pegasus attack. Researchers could not identify the state or agency behind the current hacking efforts, but technical signs suggested a single NSO client. This follows a claim last year that Pegasus targeted Russian journalist and Meduza co-founder Galina Timchenko.
Pegasus malware can hack phones, view images and calls, monitor locations, and activate microphones, transforming them into surveillance devices. WhatsApp and Apple are suing NSO after the Biden administration banned it in 2021.
NSO Denies Allegation of Cyberattack on Journalists in EU
Analysts do not believe Russia or Belarus are NSO clients, although Russia seems suspicious. Latvia and Estonia both use Pegasus, with Estonia frequently using it abroad.
One Russian journalist in Vilnius received two Apple threat warnings on June 15, 2023, indicating an attempted infection. In Warsaw, two Belarusian civil society activists got identical letters on October 31, 2023. While, it took two years to discover Belarusian opposition lawmaker Andrei Sannikov's phone infection on September 7, 2021.
Russian or Belarusian intelligence organizations might penetrate EU Pegasus states, according to Sannikov. Also targeted was Charter97.org editor-in-chief Natalia Radzina, who compared the intrusions to her Belarusian persecution.
Other Riga journalists who got threat notices are Evgeny Erlikh, Evgeny Pavlov, and Maria Epifanova.
The NSO provides crime-prevention equipment solely to certified law enforcement organizations. Chaim Gelfand, NSO's deputy general counsel, said the corporation will examine system misuse and uphold human rights.
NSO says it exclusively sells to "allies of Israel and the US" and protects vulnerable people, such as journalists.
(Photo : JOEL SAGET/AFP via Getty Images)
This studio photographic illustration shows a smartphone with the website of Israel's NSO Group which features 'Pegasus' spyware, on display in Paris on July 21, 2021.
A Threat to Democracy
Such kinds of cyberattacks also occur outside the EU. The International Jounrnalists' Network reported that the Pegasus malware targeted Indian journalists, including The Wire founder Siddharth Varadarajan, according to a December 2023 Amnesty International-Washington Post investigation.
For years, the Indian government has faced accusations of hacking dissidents and opponents. Moreover, a 2018 Pegasus spying operation targeted Dalit activists involved in the Bhima Koregaon incident in Maharashtra. Three years later, many activists remain imprisoned and under surveillance.
Since the Pegasus Project's 2021 findings, digital rights advocates and political parties have demanded government accountability, data protection, and privacy laws.
Israeli cyber intelligence business NSO Group exclusively sells Pegasus to certified government agencies for combating terrorism and crime. According to DW editor Martin Muno, the use of unlawful monitoring is not limited to dictatorships, as demonstrated by the US intelligence group NSA's actions against the former German Chancellor, Angela Merkel.
Pegasus has exploited iPhone vulnerabilities before. Years ago, Pegasus gained access to data due to iOS security holes that impacted Apple's security reputation. The tech giant was able to solve the problem through multiple software updates.
