At a glance.
- Pegasus spyware claims new targets in Catalonia and UK.
- After record highs, stalkerware usage is on the decline.
Pegasus spyware claims new targets in Catalonia and UK.
NSO Group’s controversial Pegasus surveillance software is rearing its ugly head yet again as a new wave of targets have recently been reported. CNET offers a primer on NSO, Pegasus, and the myriad victims that have been discovered across the globe so far by the human rights researchers at the University of Toronto’s Citizen Lab. As we noted earlier this week, evidence of the spyware was most recently found on the devices of at least fifty-one individuals in Spain’s Catalonia region. Catalan is seeking political independence from Spain, and though, as Threatpost notes, Citizen Lab was “not conclusively attributing the operations to a specific entity,” evidence indicates that Spanish authorities were likely behind the hacking. Spain’s National Intelligence Center (CNI) has been identified as the potential perpetrators, as the organization has been connected with surveillance and espionage in the past.
On Monday, Citizen Lab said it had issued "multiple" alerts informing the UK government that it was being targeted with Pegasus in what appeared to be nation-state espionage operations. BankInfoSecurity reports that Citizen Lab director Ron Deibert stated in a blog post, "In 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks." The surveillance software was found on devices used by government officials at the Prime Minister's Office and the Foreign, Commonwealth and Development Office and linked to Pegasus operators in the UAE, India, Cyprus, and Jordan. NSO Group continues to deny the claims, stating, "NSO Group wishes to clarify that the publications regarding the alleged hacking with Pegasus on phones related [to] 10 Downing St. are wrong and misleading and the company denies any involvement."
After record highs, stalkerware usage is on the decline.
Anti-malware software provider Malwarebytes has released data on recent trends in stalkerware, MSSP Alert reports. Though use of stalkerware reached its highest numbers ever in the first half of 2021, possibly linked to pandemic lockdowns and the resultant rise in domestic abuse, the volume of detections fell significantly in the second half of the year. The decrease is possibly due to the loosening of pandemic restrictions, as well as increased government awareness of the prevalence of surveillance software. Last year the Federal Trade Commission banned stalkerware developer SpyFone from selling its software, the second-ever action of its kind, and Google also took down several ads promoting spyware. As well, the Coalition Against Stalkerware (of which Malwarebytes is a member) continues to increase its contributors and make additions to its stalkerware detection threat list, created to help antivirus vendors strengthen their detection tools. That said, it's still unclear whether the decrease in stalkerware use will continue, and abusers could be finding workarounds by using off-the-shelf tracking devices (like Apple’s controversial AirTags) to spy on their targets.