Researchers have documented the first known case of NSO Group’s spyware being used in a military conflict after they discovered that journalists, human rights advocates, a United Nations official, and members of civil society in Armenia were hacked by a government using the spyware.
The hacking campaign, which targeted at least a dozen victims from October 2020 to December 2022, appears closely linked to events in the long-running military conflict between Armenia and Azerbaijan over the contested Nagorno-Karabakh region.
Previous investigations into spyware abuses by NSO Group’s clients have already established – with “substantial evidence”, according to researchers – that Azerbaijan is a government client of NSO Group.
The news is significant because the use of Pegasus, a military-grade spyware that can hack into and remotely control any phone, has never been documented inside a military conflict.
An NSO spokesperson said the company could not comment on the new report by Access Now and others because it had not been shared with NSO.
It said that previous investigations into allegations of “improper use of our technologies” by clients resulted in the termination of multiple contracts.
The investigation was conducted by researchers at Access Now, CyberHUB-AM, the Citizen Lab at the Munk School of Global Affairs at the University of Toronto, Amnesty Internationalʼs Security Lab, and Ruben Muradyan, an independent mobile security researcher.
The hacking of the Armenia-based individuals was first discovered in November 2021, two months after a series of clashes along the Armenia-Azerbaijan
Read more