Researchers claim that at least a dozen victims in Armenia were targeted with Pegasus in the first recorded use of the iPhone spyware in a military conflict.
The NSO Group’s spyware tool has previously been used by governments who were allegedly trying to hack the phones of European Commission officials. Its use became so significant that in 2021, Apple began sending notifications to iPhone users it suspected had been hacked.
Despite the NSO Group being blacklisted as a US national security risk, it has continued developing new ways to hack iPhones and other smartphones.
Now according to The Guardian, researchers claim that a United Nations official, plus journalists and human rights activists, have been hacked. The dozen victims are alleged to have been hacked by the Azerbaijan government over its conflict with Armenia.
The hacking took place between October 2020 and December 2022, and appears to be linked to the two countries’ military conflict over the disputed Nagorno-Karabakh region.
Researchers at AccessNow as well as Amnesty International and more, say that former Armenia foreign minister Anna Naghdalyan was hacked at least 27 times. The hacks and the timing of them reportedly put Naghdalyan “squarely in the most sensitive conversations and negotiations related to the Nagorno-Karabakh crisis.”
Naghdalyan told researchers that she had “all the information about the developments during the war on [her] phone,” at the time.
“Even if you have the most secure system on your phone, you cannot be secure,” she said.
The research names other victims including journalists Karlen Aslanyan and Astghik Bedevyan. Five of the victims have chosen to remain anonymous, but the researchers say one is a UN representative.
According to The Guardian newspaper, the researchers say the hacking was done by a customer of the NSO Group. The publication cannot conclusively identify which one.
A spokesperson for the NSO Group says it has not been sent the new report. However, the spokesperson said that the company investigates all credible reports of its spyware being abused.
It’s not known which governments or agencies are using the Pegasus spyware, although the US FBI is reported to have considered and rejected its use.