2. Background: the already-notorious NSO Group makes mercenary spyware to silently & remotely hack iPhones & Androids.
Many of their government customers are authoritarians.
Most cannot resist the temptation to target their critics, reporters, human rights groups etc.
3. More about leaked numbers & targets in a sec, but first you need to know:
@AmnestyTech just released a report with technical analysis of NSO's infrastructure... & analysis validating w/forensics that some phones were infected with Pegasus.
Hungary's far-right PM Viktor Orbán is using Pegasus spyware to surveil & attack Hungary's independent media, like @direkt36, @panyiszabolcs, and many more.
9. #INDIA🇮🇳 Over 40 reporters, major opposition figures, serving ministers in the #Modi government, members of the security services and beyond are in the list.
- #PegasusProject reporting consistent w/targeting in #NSOGroup's 2019 attack on WhatsApp users.
- Points out: in *only* 2 weeks 1.4k numbers were confirmed targeted in 2019. Do the math.
36. BIG DEAL: today @WhatsApp CEO @wcathcart *publicly confirmed* that senior national security officials of US allies🇺🇸 were targeted with #Pegasus spyware in 2019.
Clear message: #NSOGroup spyware is a national security threat.
#Pegasus spyware was used to target people via WhatsApp in 2019. WhatsApp spotted it, quickly shut it down, notified all targets...and then *sued* NSO.
IMPORTANT: has @Apple sent you a mercenary spyware threat notification?
Latest round just went out.
Take them seriously. Get expert help.
If you a journalist, activist, dissident etc. I suggest you ✅contact @accessnow's helpline. 1/ accessnow.org/help/
2/ In my experience, @Apple's mercenary spyware threat notifications do several things:
✅ Help users take action to secure themselves
✅ Impose cost on spyware companies & customers
✅ Keep us researchers busy investigating cases
They can also have a✅deterrent effect.
@Apple 3/ I never tire of saying that @apple threat notifications have helped to change the information balance between spyware victims & those that target them.
They have also kicked off waves of scandals & discoveries of spyware abuses. Like in #Poland👇
2/ The investigation behind this Russian political interference takedown is interesting.
First, the @FBI got account registration info for a slice of fake accounts on @X
They found a lot of email accounts registered on the same server.
So they went to the registrar...
@FBI @X 3/ While the domain registrar (Namecheap) had a bunch of account registration information for the @FBI, the info was a fake name and some alias information.
Strike out? No. The FBI began a subpoena cascade, starting with the Google account used to register the domain.