7/ The #Candiru targeting that we saw was via email. Again, often super personalized.
They impersonated official COVID communications from Spanish gov, notifications from biz registries, etc.
Sometimes Candiru & #Pegasus targeting themes overlapped.
8/ Craziest story? Victim working on a live #Candiru infected computer had to be persuaded to step into the hallway using a ruse so we could explain the situation away from it's microphones...
Material was shared w/@MsftSecIntel which led to 1.4 billion devices getting patched.
9/ The folks at @AmnestyTech conducted an independent validation of our forensic methods on a selection of cases.
10/ Which government is behind #CatalanGate? Well, we aren't conclusively attributing to a specific government...
But substantial circumstantial evidence suggests a nexus with the Government of Spain.
11/ Big picture: people think the problem with mercenary spyware is that it gets sold to dictators. Who abuse it. True.
Turns out that when democracies acquire it, risk of abuse is dangerously high.
It's abundantly clear that this is now a major problem in the #EU.
12/ EU MEPs have begun weighing in👇
🇪🇺 EU Parliament's new committee on Pegasus spyware has first meeting tomorrow.
14/ Cases like this cannot come to light without the many victims & organizations that graciously consent to participating in our research, and chose to come forward & be named.
Without them, this report would not have been possible.
15/ Special acknowledgement to the team @domesticstream who helped us do the amazing graphical companion to our report.
Be wary of OSINT-branded accounts recycling faked & old footage of airstrikes, explosions, interceptions etc.
It happens every time, but in New Twitter they have a direct financial incentive to push out inflammatory nonsense.
There's more 1/
2/ The annoying practice of some OSINT-branded accounts of repeating headlines ginned up & borrowed from somewhere without citation as if it's their own...
Is reckless & dangerous during fast moving conflict where there is huge potential for *consequential* misunderstandings.
3/ Exercise extreme caution in what you amplify & believe.
Twitter is awash with a flood tide of falsehoods tonight.
Some is the work of people trying to farm revenue.
And some is disinformation seeking to seed specific false perceptions.