Listen to this Post
In recent weeks, NSO Group’s notorious Pegasus spyware has found itself back in the headlines after two prominent Serbian journalists were allegedly targeted. While the attack was unsuccessful, the event sheds light on the ongoing risks posed by surveillance technologies. According to a report by Amnesty International, these journalists from the Balkan Investigative Reporting Network (BIRN), a well-respected investigative journalism organization, were sent suspicious messages containing links believed to be associated with the Pegasus spyware. This latest attempt on journalists working in a country with a tense press freedom environment calls attention to the growing misuse of surveillance tools against civil society.
Targeted Journalists: Bogdana and Jelena
Amnesty
Bogdana, upon receiving the message on February 14 at 13:46, chose not to interact with the content. An hour earlier, Jelena received a nearly identical message on her Android phone and deleted it immediately. Fearing that these were attempts to infect their devices with spyware, both journalists contacted Amnesty International’s Security Lab for an in-depth forensic analysis. The results confirmed their suspicions: the attack was an attempted infection using NSO Group’s Pegasus spyware.
The Attack Vector: A One-Click Infection
Amnesty’s researchers noted that the attack was a “one-click” attempt, requiring the victims to tap on a hyperlink contained in the message. The URL led to a Serbian-language domain identified by Amnesty’s security experts as being associated with NSO Group’s Pegasus spyware. While both journalists used different phone models (iPhone and Android), the common factor was the Viber app, which might have been the point of exploitation for the attackers. This raises questions about the app’s security vulnerabilities, especially since both targets received similar suspicious messages on the same platform.
While no infection occurred, the analysis pointed to the sophisticated nature of the attack, indicating that Pegasus was the likely spyware in play. This marks the third such attack in two years targeting civil society in Serbia, with Amnesty noting a rise in surveillance against journalists, activists, and protestors in the country.
The Response: NSO Group’s Denial
In its defense, NSO Group, which has long been under scrutiny for its surveillance software, maintains that its technology is designed to help government agencies combat terrorism and crime. The company has denied involvement in unethical practices, but its software continues to attract controversy. When approached by the media, NSO declined to comment on the specific customers who may have been involved in the attack or provide details about the functionality of their products.
Amnesty International has criticized the widespread abuse of surveillance technologies, especially in regions with tense political climates. In Serbia, this comes at a time when widespread student protests have escalated since November 2024. According to Amnesty’s data, Serbian authorities have been increasingly relying on digital surveillance tools to monitor civil society members, journalists, and activists.
What Undercode Says:
The NSO Group’s Pegasus spyware attack on Serbian journalists underscores the increasing sophistication and scope of digital surveillance. This case highlights a key concern within cybersecurity: the misuse of surveillance technology by governments to monitor and potentially silence critical voices, including those of journalists and activists. The attack, although unsuccessful, demonstrates how easily an individual can become a target of these covert operations. While Pegasus is primarily marketed as a tool for counterterrorism, the case of Serbia suggests that the software is being used for more authoritarian purposes.
The potential risks to individuals targeted by spyware are high, ranging from privacy invasions to physical threats to their safety. The fact that the attack happened on a widely used messaging app like Viber should also be a concern for all users of similar platforms. If a trusted app can be exploited to launch such an attack, it raises questions about the overall security of mobile communications in a digital age where privacy is increasingly at risk.
This incident should act as a wake-up call for both journalists and regular users about the importance of keeping devices updated with the latest security patches. While many might feel secure using encrypted messaging apps or reputable platforms, it’s critical to remain vigilant. Regular security updates and precautions such as using Lockdown Mode on iOS or ensuring Android devices are equipped with the latest defenses can help mitigate the risk of spyware infections. Moreover, users must be wary of unsolicited messages, even those that appear to come from trusted sources.
The attack on BIRN journalists also casts light on the broader geopolitical implications of surveillance software. As governments continue to deploy these tools, it is crucial to scrutinize the role of companies like NSO Group, whose products are used by a variety of state actors with varying ethical standards. Until there is greater transparency and accountability in the use of these technologies, the risks to privacy, security, and fundamental freedoms will only continue to grow.
Fact Checker Results
- The claim that Pegasus spyware was involved in this attack was confirmed by Amnesty International’s forensic analysis.
- NSO Group denies involvement in unethical use of its technology, though it has repeatedly faced accusations of enabling government overreach.
- The attack was part of a larger trend of digital surveillance targeting journalists, activists, and civil society members, particularly in politically sensitive regions like Serbia.
References:
Reported By: https://www.bitdefender.com/en-us/blog/hotforsecurity/pegasus-spyware-failed-infect-serbian-journalists-amnesty-international
Extra Source Hub:
https://www.reddit.com/r/AskReddit
Wikipedia
Undercode AI
Image Source:
Pexels
Undercode AI DI v2
