In November 2023, Amnesty International and other digital freedom groups diagnosed a zero-click spyware attack on two Serbian civil society members on the eve of national elections. The text message sent to one of the journalists targeted last month linked to a news article and contained a message saying: "Do you have info that he is next? I heard something completely different,” Amnesty said. Two investigative journalists in Serbia were targeted with advanced commercial spyware last month, Amnesty International said Thursday. The text messages contained hyperlinks to a domain name which Amnesty has determined with “high confidence” is associated with Pegasus, Donncha Ó Cearbhaill, the head of Amnesty International’s Security Lab, said in a statement. Serbian authorities also recently used Cellebrite software to secretly unlock civilians’ phones so they could install another brand of homegrown spyware, Amnesty announced in December. The journalists brought their phones to the Amnesty International Security Lab, which says it confirmed they were targeted with spyware. Amnesty later found an additional Pegasus attack targeting a “high-profile individual involved in the wide-scale Serbian protest movement,” it said. Pegasus — which often infects user devices without their needing to click on any links — in this case appears to have been deployed as a one-click attack, Amnesty said. The journalists, who work for the Balkan Investigative Reporting Network (BIRN), were targeted with the NSO Group’s Pegasus spyware, according to a press release. A massive March 15 anti-government rally in the Serbian capital, Belgrade, highlights how tense the conflict between civil society and the authorities has become recently. Both received unusual messages on the Viber messaging app from a number they didn’t know and was later determined to be tied to the state-telecommunications operator, Amnesty said.
This Cyber News was published on therecord.media. Publication date: Thu, 27 Mar 2025 13:50:09 +0000