2. Background: the already-notorious NSO Group makes mercenary spyware to silently & remotely hack iPhones & Androids.
Many of their government customers are authoritarians.
Most cannot resist the temptation to target their critics, reporters, human rights groups etc.
3. More about leaked numbers & targets in a sec, but first you need to know:
@AmnestyTech just released a report with technical analysis of NSO's infrastructure... & analysis validating w/forensics that some phones were infected with Pegasus.
Hungary's far-right PM Viktor Orbán is using Pegasus spyware to surveil & attack Hungary's independent media, like @direkt36, @panyiszabolcs, and many more.
9. #INDIA🇮🇳 Over 40 reporters, major opposition figures, serving ministers in the #Modi government, members of the security services and beyond are in the list.
- #PegasusProject reporting consistent w/targeting in #NSOGroup's 2019 attack on WhatsApp users.
- Points out: in *only* 2 weeks 1.4k numbers were confirmed targeted in 2019. Do the math.
36. BIG DEAL: today @WhatsApp CEO @wcathcart *publicly confirmed* that senior national security officials of US allies🇺🇸 were targeted with #Pegasus spyware in 2019.
Clear message: #NSOGroup spyware is a national security threat.
#Pegasus spyware was used to target people via WhatsApp in 2019. WhatsApp spotted it, quickly shut it down, notified all targets...and then *sued* NSO.
Whoa: NSO Group allegedly rolled a @WhatsApp exploit to implant #Pegasus spyware even after WhatsApp sued them.
This previously-unrevealed "Erised" vector was later disabled by #WhatsApp.
These un-redacted filings are quite the read. Even some footnotes have scoops. 1/
2/ We learn that NSO Group had at least three @whatsapp exploits: Heaven, Eden & Erised.
The first, called Heaven, was active some time prior to Sept-Dec 2018. It worked by using manipulated messages to direct targeted devices to a malicious WhatsApp relay controlled by NSO Group.
Heaven was ultimately disabled by changes made in Sept & December 2018 by WhatsApp.
3/ After the Heaven vector stopped working, NSO Group deployed Eden, which had a key feature: it needed to pass through relays controlled by @WhatsApp.
There's some detail about how the exploit was deployed to avoid detection.
Ultimately, it was detected, leading to the lawsuit.
WILD: actual photo of Musk-hired door knockers being driven around #Michigan.
This group of mostly-black workers were driven in the back of a truck with no seats.
They say they were flown in, given unrealistic goals, and threatened with their lodging being cut off & being forced to pay their own way home if they couldn't meet them.
Some didn't even know which candidate they were working for.
A "PRO-ISRAEL TEAM WE CAN TRUST" designed to look like a #HarrisWalz campaign ad is micro-targeted to areas with a high muslim population around Dearborn, Michigan.
Meanwhile, same Musk-backed PAC has a "WHY PANDER TO PALESTINE?" ad micro-targeted to areas in Pennsylvania.