Exiled Russian Media Co-founder Targeted by Pegasus Spyware

Published: 14 September 2023


The iPhone of Galina Timchenko, co-founder and CEO of the Russian independent media outlet Meduza, was infected with Pegasus spyware. (Photo: PxFuel, License)

By OCCRP

After experts discovered that the phone of the co-founder of an exiled Russian media outlet critical of President Vladimir Putin's regime and the war in Ukraine had been infected with Pegasus spyware, a media watchdog called on Thursday for a ban on the production and use of spyware technologies.

According to a recent joint investigation by Access Now and the Citizen Lab, the iPhone of Galina Timchenko, co-founder, CEO, and publisher of the Latvia-based Russian independent media outlet Meduza, was infected while she was visiting Berlin, Germany, around February 10.

The investigation was initiated after Apple notified Timchenko and other individuals in June 2023 that they may have been targeted with state-sponsored malicious spyware.

Pegasus is produced by the Israeli cyber arms firm NSO Group. The product has been purchased by numerous governments and is often misused for spying on activists, journalists, and opposition politicians.

The Committee to Protect Journalists expressed deep concern over the latest infection.

"Journalists and their sources are neither free nor safe when they are spied on, and this attack on Timchenko underscores that governments must implement an immediate moratorium on the development, sale, and use of spyware technologies. The threat is simply too large to ignore," said Gulnoza Said, CPJ’s Europe and Central Asia program coordinator, in a statement.

While the covert use of spyware takes place in the shadows, the attack occurred two weeks after the Russian government declared Meduza an "undesirable organization" due to their critical coverage of Putin's regime and the war in Ukraine. This happened amid suspicions from E.U. governments regarding Russian civil society in exile.

"A Pegasus attack on one of the most respected independent journalists and prominent Putin critics at the heart of the E.U. means one thing — NSO Group must be immediately sanctioned as a threat to human rights, peace, and security in Europe, the U.S., and around the world," said Natalia Krapiva, Tech-Legal Counsel at Access Now.

She emphasized that while NSO Group claims to protect users from terrorists and child molesters, in reality, it is the go-to instrument for undermining democracies and attacking independent media and human rights campaigners.

While Pegasus is designed to conceal which customer is behind a specific attack, making attribution harder for investigators, there are three basic ideas about which state is likely behind the attack: E.U. states suspected of using Pegasus, namely Estonia, Germany, or Latvia; Russia-allied states also suspected of using Pegasus, primarily Azerbaijan, Kazakhstan, or Uzbekistan; and Russia.

"Pegasus spyware and a regime like Putin's go hand in glove — a dangerous mix of greed and ego that the international community must stamp out," said Anastasiya Zhyrmont, Eastern Europe & Central Asia Campaigner at Access Now.

She emphasized that this heinous spying on independent media comes amid a surge of harassment, assassination, and persecution of the few surviving anti-war and anti-Putin voices in Russia and the region.

"In times of war or peace, journalists and media, especially those brave enough to challenge authoritarian regimes, are never legitimate targets for surveillance," said Zhyrmont.