Serbia flag
Image: Ivan Aleksic via Unsplash

Serbian civilians targeted with Pegasus on eve of national elections

Updated at 5 p.m. EST to include additional information from Access Now.

Two Serbians were the targets of failed spyware attacks in August, according to a report released Tuesday by a Belgrade-based digital freedom organization.

Apple alerted the victims they were potential targets of state-sponsored “technical attacks” on October 30, the SHARE Foundation said.

The victims then approached civil society organizations in Serbia, along with the SHARE Foundation, and were quickly connected with the human rights organizations Access Now and Amnesty International.

The mobile devices were analyzed by the two international NGOs, according to SHARE, and found to have traces of failed spyware attack attempts — in both cases occurring in mid-August. [Editor's Note: Following publication, Access Now responded to a request for comment and cautioned that the results aren't final and more information will be released in a couple of weeks.]

The attack was attempted via a device vulnerability that Amnesty and Access Now have labeled “PWNYOURHOME,” which they said has been previously linked to Pegasus spyware, an advanced tool developed by the Israel-based NSO Group.

The vulnerability has since been patched.

Serbian parliamentary elections will be held on Dec. 17, a fact flagged by the SHARE Foundation in its news release, which warned that “spyware attacks on representatives of the critical public have a disastrous impact on democracy and human rights, especially in the pre-election period.”

Amnesty International did not respond to a request for comment.

The SHARE Foundation said the victims of the attack requested anonymity. It used the incident to call attention to the human rights’ abuses inherent to spyware.

“We remind the public that these and similar tools for technical attacks on mobile devices are used by non-democratic regimes around the world to spy on members of the opposition, civil society, independent media, dissidents and other actors working in the public interest,” the foundation said in a news release.

Spyware abuses have emerged in other European countries in recent years. In September, Poland's Senate announced a commission had confirmed Pegasus spyware was used to hack an opposition politician in 2019. As a result of the commission’s work, prosecutors there were asked to consider potential criminal charges against current and former Polish ministers believed to be involved.

The 18-month-long probe labeled the country’s 2019 elections unfair due to the hacking of the opposition candidate.

Other European governments including Spain, Greece, and Hungary have been found to have used spyware on civil society members.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Suzanne Smalley

Suzanne Smalley

is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.