Targeted Cyber Attacks Unleashed on Serbian Pro-Democracy Activists Expose Government Espionage
Security researchers have unveiled evidence of a state-sponsored attempt to hack two Serbian pro-democracy activists critical of the country’s nationalist government. The activists, who have chosen to remain anonymous for their safety, narrowly escaped infiltration due to the timely update of their Apple iPhones with the latest iOS software.
Apple played a crucial role in alerting the targeted individuals to the potential breach, issuing a warning of a state-sponsored attack. Subsequent investigations by Access Now, the Share Foundation in Serbia, the Citizen Lab at the University of Toronto’s Munk School, and Amnesty International confirmed the gravity of the situation.
This revelation follows recent incidents where Russian journalists critical of Vladimir Putin, residing within the European Union, fell victim to similar cyber espionage. Despite efforts by the Council of Europe and the European Parliament to enact policies curbing spyware use, these incidents highlight a concerning trend of European governments employing such technology to suppress political dissent.
Natalia Krapiva, the tech-legal counsel at Access Now, expressed deep concern, stating, “Uncontrolled use of commercial spyware is poison not only for human rights but also security and democratic institutions in any country.”
The attempted cyber attacks on the Serbian activists occurred within a minute of each other around August 16, 2023. Researchers from Access Now and Citizen Lab discovered traces of the attack, pointing to a potential vulnerability in the iPhone’s HomeKit application.
While the specific spyware utilized remains unconfirmed due to limited forensic indicators, the tactics employed resemble those associated with Pegasus, one of the world’s most sophisticated cyber weapons sold by Israel’s NSO Group. Pegasus, when successfully deployed, can take control of a mobile phone, turning it into a listening device and accessing encrypted applications, photographs, and messages.
John Scott-Railton, a senior researcher at Citizen Lab, remarked, “We aren’t attributing these attacks to a particular operator at this time, but we note that a decade of Citizen Lab investigations have found that Serbia is a regular customer for mercenary spyware and other commercial surveillance technologies.”
Responding to the allegations, NSO Group stated that the reports by Citizen Lab and Access Now were inconclusive and reiterated that Pegasus is intended for use by governments in serious crime and terror investigations.
As governments continue to deploy advanced spyware, concerns grow about the potential threats posed to individuals’ privacy, human rights, and the democratic fabric of nations. The international community faces an ongoing challenge to address and curb the misuse of such powerful surveillance tools.