The million-dollar reporter How attackers hijacked the phone of Meduza co-founder Galina Timchenko, making her the first Russian journalist to be infected with Pegasus spyware — Meduza
meduza.io
The public has known for years that governments around the world use software developed by an Israeli cyber-arms company to spy on journalists, opposition politicians, and activists. Investigative journalists published a series of bombshell reports in July 2021 about the widespread abuse of Pegasus, a powerful tool marketed exclusively to state clients for use against only the grisliest criminals. Earlier this summer, Meduza learned that the iPhone of our co-founder and publisher, Galina Timchenko, was infected with Pegasus mere hours before she joined a private conference in Berlin attended by colleagues in the exiled Russian independent media. This is the first confirmed case of a Pegasus attack against a Russian journalist. With help from experts at Access Now and Citizen Lab, Meduza reports what we know about this notorious spyware, how it’s been used in Europe, and which states might have spent millions of dollars to hijack Ms. Timchenko’s phone.

The public has known for years that governments around the world use software developed by an Israeli cyber-arms company to spy on journalists, opposition politicians, and activists. Investigative journalists published a series of bombshell reports in July 2021 about the widespread abuse of Pegasus, a powerful tool marketed exclusively to state clients. Earlier this summer, Meduza learned that the iPhone of its co-founder and publisher, Galina Timchenko, was infected with Pegasus mere hours before she joined a private conference in Berlin attended by colleagues in the exiled Russian independent media. It is the first confirmed case of a Pegasus attack against a Russian journalist.

  • neuracnu@lemmy.blahaj.zoneEnglish
    11·
    1 year ago

    tl;dr: unknown state actors, possibly aligned with Russia, installed Pegasus spyware on the journalist’s phone, probably exploiting vulnerabilities in HomeKit and iMessage as the vector.

    • MCk3@lemmy.worldEnglish
      11·
      1 year ago

      The thing that’s known about is the payload not the vulnerability. They keep finding new vulns and dropping the same payload.

        • MCk3@lemmy.worldEnglish
          2·
          1 year ago

          “bulb” appears to be what my phone incorrects the term “vuln” to. I have updated my comment

          • kaput@jlai.luEnglish
            3·
            1 year ago

            Ok thank. I was afraid Ineeded to learn yet another tech term.