Again and again, NSO Group’s customers keep getting their spyware operations caught

Tech Crunch - Mar 28th, 2025

Amnesty International has released a report exposing attempted hacks on two Serbian journalists using NSO Group's Pegasus spyware. The journalists, affiliated with the Balkan Investigative Reporting Network (BIRN), were targeted through phishing attacks involving suspicious text messages with links. Amnesty's researchers confirmed the links belonged to NSO's infrastructure, highlighting the ongoing struggle for NSO and its clients to maintain secrecy in their operations. This revelation is part of a larger pattern of spyware misuse against journalists and activists worldwide.

The report underscores the challenges faced by NSO Group, which has been under scrutiny for its spyware's deployment against civil society members, including journalists. Since the first documented Pegasus attack in 2016, researchers have uncovered over 130 incidents globally. This is partly due to initiatives like the Pegasus Project, which identified thousands of potential targets. Despite NSO's attempts at operational security, its practices have been repeatedly exposed by watchdog groups and tech companies like Apple, raising questions about the ethical implications of selling spyware to regimes that misuse it.

Cybersecurity Nso Group Amnesty International Human Rights Phishing Attacks Pegasus Spyware Birn Serbian Journalists

Story submitted by Fairstory

RATING

8.0

Fair Story

Consider it well-founded

The article provides a comprehensive overview of the alleged misuse of Pegasus spyware by NSO Group, focusing on credible sources like Amnesty International and Citizen Lab. It effectively highlights the global implications of such surveillance technology on human rights and privacy. The article is well-structured and clear, making complex issues accessible to a general audience. However, it could benefit from additional perspectives, particularly from NSO Group, and a deeper exploration of the technical and ethical aspects of the issue. Overall, the article is timely, relevant, and addresses significant public interest concerns, with the potential to influence public discourse on digital security and privacy rights.

Accuracy

The article presents a detailed account of the alleged use of Pegasus spyware, supported by references to credible organizations like Amnesty International and Citizen Lab. The claim that Amnesty identified NSO Group's infrastructure is backed by their established history of forensic analysis. However, the article could be strengthened by providing more detailed evidence from the report itself or from direct quotes from the involved parties. The mention of Apple's role in notifying victims is accurate and aligns with known actions by Apple, further supporting the article's claims. Despite these strengths, the article would benefit from more explicit verification of the number of victims and the specific technical methods used to identify the spyware.

Balance

The article primarily presents perspectives from organizations critical of NSO Group, such as Amnesty International and Citizen Lab. While these sources are authoritative on the topic, the absence of comments from NSO Group or its defenders creates a potential imbalance. The article mentions that NSO Group did not respond to a request for comment, which is an effort to include their perspective. However, exploring more about NSO Group's previous public statements or legal defenses could provide additional balance and context.

Clarity

The article is generally clear and well-structured, with a logical flow of information from the introduction of the issue to the discussion of broader implications. The language is accessible, and technical terms are explained sufficiently for a general audience. However, the article could benefit from a more detailed breakdown of the technical aspects of the spyware's identification process to enhance understanding for readers unfamiliar with cybersecurity topics. Overall, the article maintains a neutral tone, focusing on factual reporting rather than sensationalism.

Source quality

The article relies on high-quality sources, including Amnesty International, Citizen Lab, and Access Now, all of which are reputable organizations known for their work in digital security and human rights. These sources have a history of conducting thorough investigations and providing reliable data, lending significant credibility to the article. The inclusion of specific researchers and their roles, such as Donncha Ó Cearbhaill and John Scott-Railton, further enhances the reliability of the information presented. However, the lack of direct quotes from the NSO Group or any independent third-party experts could slightly limit the depth of source variety.

Transparency

The article is transparent in attributing its claims to specific sources and individuals, such as Amnesty International and Citizen Lab. It explains the basis of the claims, mentioning the technical research conducted by these organizations. However, the article could improve transparency by detailing the specific methodologies used in identifying the Pegasus spyware and providing more background on the leaked list of phone numbers. The lack of detailed explanation regarding the technical processes used to identify NSO's infrastructure is a minor gap in transparency.