The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Date
2020-12-20
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates.
Description
Bill Marczak’s work on this report was supported, in part, by the International Computer Science Institute and the Center for Long-Term Cyber Security at the University of California, Berkeley.
The authors would like to thank Bahr Abdul Razzak for review and assistance. Special thanks to several other reviewers who wish to remain anonymous as well as TNG. Thanks to Mari Zhou for design and layout assistance. Thanks to Al Jazeera and Tamer Almisshal for their investigative work on this project. Thanks to Al Araby and Rania Dridi.
Thanks to Team Cymru for providing access to their Pure Signal data.
Keywords
NSO Group, Pegasus, hacking, surveillance, security, cybersecurity, Al Jazeera, Saudi Arabia, United Arab Emirates, spyware, exploit, commercial spyware
Citation
Bill Marczak, John Scott-Railton, Noura Al-Jizawi, Siena Anstis, and Ron Deibert. "The
Great iPwn: Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’
Exploit," Citizen Lab Research Report No. 135, University of Toronto, December 2020.
DOI
ISSN
Creative Commons
Attribution-ShareAlike 4.0 International
Creative Commons URI
Collections
Items in TSpace are protected by copyright, with all rights reserved, unless otherwise indicated.