This report was originally published by the Citizen Lab and is republished here with permission and thanks.

In this report, Citizen Lab describes how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. This assesment was made with a high degree of confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware, attributed to a Pegasus operator linked to Saudi Arabia. Pegasus, designed by Israeli “Cyber Warfare” vendor NSO Group and sold to governments, enables the operator to access a victim’s “personal files, chats, photos, and emails” and has been used extensively to monitor civil society. Using their investigative tactics detailed in the Hide and Seek report, Citizen Lab determined that the same group responsible for targeting Saudi dissidents and human rights activists in 2018 had also infected the mobile phone belonging to a resident of Quebec. Based on his location, movement patterns, his interest to Saudi Arabia, and the presence of an SMS message with a link to an NSO Group exploit domain, Citizen Lab concluded that the phone monitored by Saudi-affiliated Pegasus was likely the one belonging to Abdulaziz.

Read the full report here.