Spyware investigations involving University of Toronto’s Citizen Lab reveal targets in El Salvador, Poland: Reports

A joint investigation by the University of Toronto's Citizen Lab and Access Now reveals that dozens of journalists and activists in El Salvador had their cellphones allegedly hacked by Israeli firm NSO Group's Pegasus spyware. John Scott-Railton - The investigation, which identified 35 individuals whose phones were successfully infected with the sophisticated spyware normally used to target criminals, was reported on by the Associated Press , Reuters , the Guardian and other media outlets. A sample of cases in the report were reviewed by Amnesty International's Security Lab, which investigates cyberattacks against civil society. The alleged hacks took place between July 2020 and November 2021, a time of ongoing censorship of journalists who investigated the government of President Nayib Bukele. "The aggressiveness and persistence of the hacking was jaw-dropping," John Scott-Railton , senior researcher at the Citizen Lab and an author of the report, told the Associated Press . "I've seen a lot of Pegasus cases but what was especially disturbing in this case was its juxtaposition with the physical threats and violent language against the media in El Salvador." In a statement to Reuters, Bukele's office said it is not a client of NGO Group and that some of the government's top officials might have also had their phones hacked. The Citizen Lab, part of the Munk School of Global Affairs & Public Policy in University of Toronto's Faculty of Arts & Science, has been tracking victims of Pegasus spyware since 2016, helping to identify dozens of cases of inappropriate use.