Citizen Lab unearths spyware attacks against Catalan politicians, U.K. government: The New Yorker
The University of Toronto’s Citizen Lab, based at the Munk School of Global Affairs & Public Policy, is highlighted in a New Yorker feature by journalist and author Ronan Farrow that explored the use of Pegasus spyware, built by Israeli firm NSO Group, by governments and global actors – as well as efforts by big tech companies like Facebook and Apple to counter it.
The New Yorker piece, titled “How Democracies Spy on Their Citizens,” reports that just last month, Catalan politician Jordi Sole approached Citizen Lab researcher and fellow Elies Campo to ask for help analyzing his iPhone, which had been receiving suspicious text messages – breaches traced to 2020. “In those days, your device was infected—they took control of it and were on it probably for some hours. Downloading, listening, recording,” Campo told Sole, the New Yorker reported.
More recently, in February 2021, the Citizen Lab uncovered an infection on the laptop of the Catalan activist Joan Matamala – though this attack was traced to another Israeli spyware firm, Candiru. The New Yorker reports that Campo instructed Matamala to wrap the laptop in aluminum foil to prevent the spyware from communicating with Candiru’s servers. In a recent post on its website, the Citizen Lab outlined detailed findings from its investigations on the use of Pegasus and other spyware programs to target Catalan pro-independence figures.
The New Yorker also notes the Citizen Lab found at least five instances of hacking of U.K. Foreign Office phones between July 2020 and June 2021, as well as infection of a device connected to the network at 10 Downing Street, office and residence of the prime minister. “When we found the No. 10 case, my jaw dropped,” John Scott-Railton, a senior researcher at the Citizen Lab, told the magazine. On Monday, the Citizen Lab confirmed that it “observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official U.K. networks.”