Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
John Scott-Railton Profile picture
@jsrailton
Oct 2, 2022 10 tweets 10 min read Read on X
Scrolly
BREAKING: journalists & human rights defenders hacked with #Pegasus in 🇲🇽#Mexico.

Years *after* spyware scandals & new President's promise that abuses were over.

THREAD 1/

Report by @R3Dmx ejercitoespia.r3d.mx
We @citizenlab did forensic validation: citizenlab.ca/2022/10/new-pe… Key Takeaways Mexican digital rights organization R3D (Red eOur technical validation of forensic artifacts collected fro
2/ Per @R3Dmx, #Pegasus victims were infected while working on:

❌Connections between Los Zetas Cartel & Mexican Army
❌Official misconduct in investigations into #Ayotzinapa forced disappearances
❌Human rights violations by Mexican Armed Forces.

Chilling. Ricardo Raphael Raphael, a prominent journalist and author Raymundo Ramos Vázquez Ramos has spent years documenting h
3/ Mexico was first rocked by #Pegasus scandals in 2017 under President @EPN.

We @citizenlab, @R3Dmx @socialtic & @article19org had found dozens of abuse cases.

When Pres. @lopezobrador_ took office, he promised hacking abuses were a thing of the past...
4 Mexico's #Pegasus scandals didn't stop.

The #PegasusProject also revealed that scores in the circle of @lopezobrador_ had been potentially selected for targeting while @EPN was in office.

Including now-President AMLO's wife & children. In 2017, the Citizen Lab, along with partners R3D, SocialTic
5/ Mexico has been one of the *most* notorious cases of #Pegasus spyware abuses.

NSO Group has has been confronted about this. For years.

Mexico's new president, touched himself by spyware abuses prior to entering office... had promised it was over.

Yet here we are.
6/ Yet again, journalists & human rights defenders of intense interest to the Mexican government got hacked.

Chillingly, some of their work was clearly of intense interest to cartels, too.

#Mexico has seen *half a decade* of abuses like this. Need for an Independent Investigation These latest cases, wh
7/ I urge you to read @R3Dmx's full report. Here's their thread on the cases.
8/ Another key find via @R3Dmx: Mexico did recent business with companies linked to prior #Pegasus contracts👇👇

Despite making strenuous efforts to deny any such business.
9/ A key detail: while previous Pegasus cases @citizenlab investigated in #Mexico involved finding SMS messages and 1-click attacks... these latest cases were zero-click attacks.

No action was required on the part of the victims to be infected.
10/ Of course NSO has a response that is not serious.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with John Scott-Railton

John Scott-Railton Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @jsrailton

John Scott-Railton Profile picture
Dec 17
NEW: #China #Russia #Iran & #Israel are spying on 🇺🇸Americans using telecom weaknesses says @DHSgov

Deeply concerning on heels of #SaltTyphoon breaches.

All US carriers vulnerable to some extent.

We know this thanks to Sen @RonWyden's tireless work to expose #SS7 & #Diameter vulnerabilities.

Here's how they work...

Story by @josephfcox 1/Image
Image
2/ Here's the thing about the global network for routing calls.

Requests are trusted by default. Whatever operator they come from!

Since requests can let you do things like intercept calls, texts & track phones locations...

...a lot of governments & some shady companies have come running.

All they needed was a "Global Title" which is not hard to get in some jurisdictions.

Result? A tidal wave from around the globe of shady requests for the purpose of spying on people.

Including Americans. In the US.

We @citizenlab exposed Circles, one such player...

Story: 404media.co/dhs-says-china…Image
3/ There's an active global market for companies whose product line revolves around abusing the trusting nature of call routing to conduct surveillance.

We @citizenlab ran scans & mapped deployments of this tech by one such player: Circles.

Circles had previously merged with NSO Group, which makes #Pegasus.

citizenlab.ca/2020/12/runnin…Image
Read 5 tweets
John Scott-Railton Profile picture
Dec 16
NEW: police in #Serbia caught unlocking activists phones with @Cellebrite's mobile forensic tools & planting spyware on them.

Incredibly troubling investigation by @AmnestyTech delves into how the Serbian authorities mix a toxic brew of repression out of homegrown + foreign mercenary spyware like #Pegasus + $CLBT's forensic tools possibly supplied as part of foreign assistance from #Norway. 1/

Read: amnesty.org/en/documents/e…Image
Image
Image
Image
2/ From Traffic Stop to Spyware Victim...

As costs increase for zero-click spyware, expect to see authorities getting creative...

Rolling their own tech & finding novel ways to plant it on activists' devices with physical access.
3/ A favorite detail: a @Cellebrite exploit got caught & vuln patched.

This is what happens when your tech is abusively used against activists...

Mad impressive technical lift by @google's Project Zero's @__sethJenkins ft @benoitsevens, @tehjh et al.👇
Image
Read 7 tweets
John Scott-Railton Profile picture
Dec 5
🚨NEW INVESTIGATION: Russia's 🇷🇺 FSB beat & detained this programmer.

They demanded he inform on contacts in #Ukraine.

When he was finally released, Kirill Parubets got his phone back.

It was bugged with spyware. 1/

Investigative collab by us @citizenlab w/@DeptFirst.Image
Image
2/ Russian authorities descended on Kirill Parubets & his spouse. Raiding their apartment.

Beating him for his passwords.

Accusation? Money transfers to #Ukraine.

Then they threw the couple into custody.

The #FSB threatened life imprisonment if he didn't agree to become an informant.

citizenlab.ca/2024/12/device…Image
Image
3/ When the couple was eventually released , Parubets was eventually able to pick up his devices from the #FSB at the dreaded Lubyanka building (former KGB HQ, also a prison).

As a programmer, he carefully scrutinized his returned devices & noticed a weird notification on his Android...Image
Image
Read 10 tweets
John Scott-Railton Profile picture
Dec 3
Good! Finally a path to crackdown on data brokers.

Americans are constantly victimized by these companies.

Privacy shouldn't be partisan, so pay close attention to see who comes out against these common-sense plans from the @CFPB. 1/

By Dell Cameron & Andrew Couts @wired.Image
Image
Image
2/ The volume of data constantly collected & sold on Americans puts the US at a global disadvantage.

The data-broker firehose is a hostile foreign intelligence service's delight.

But that's just the beginning.
3/ Whether it's financial surveillance, purchases, browsing behavior, where you drive and walk, what you look at... Americans arguably face as much totally legal private-sector surveillance as any country in the world.

And legally we've been basically unprotected.

It is absurd.
Read 5 tweets
John Scott-Railton Profile picture
Dec 3
Meet 'decolonization' expert Nomma Zarubina.

FSB codename "Alyssa"

All over the Washington DC think tank circuit. Had a knack for meeting US officials. Even attended some protests against Russia.

Just last week she spoke at an event on Parliament Hill in #Canada.

She's just been charged by the #FBI for lying about taking direction from the FSB. 1/Image
Image
Image
Image
2/ Nomma Zarubina was collecting photos with current & former officials like Pokemon.

Wearing some NGO bona-fides, she also shows up at a lot of events with prominent exiles from #Russia & figures from #Ukraine.

She also got into all sorts of meetings... Image
Image
Image
3/ Zarubina's story follows from investigation of Elena Branson.

Branson fled to #Russia in 2020 after the Russian Center New York was raided). Branson got a lot of charges, including acting as an illegal agent.

Zarubina worked for the RCNY & was close to Branson..

Branson case: justice.gov/usao-sdny/pr/d…Image
Image
Image
Read 9 tweets
John Scott-Railton Profile picture
Nov 27
BREAKING: #ExxonMobil lobbyist investigated over hacking of American nonprofits.

Hacked material fed PR campaigns & lawsuits against environmental advocacy orgs. 1/

By @razhael & @Bing_Chris Image
Image
Image
Image
2/ The case goes back years & centers around a massive hack-for-hire operation based in #India....

...that did the dirty work for powerful people & companies around the world.

3/ This latest chapter in the case, now public, thanks to the work of @razhael & @Bing_Chris, shows how money & dirty tricks are brought to bear against organizations that go up against certain powerful companies.

reuters.com/business/energ…Image
Image
Image
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(