Russian journalist Galina Timchenko, a vocal critic of the Kremlin and owner of independent media outlet Meduza, had her iPhone infected with Pegasus spyware during a private conference in Berlin. This marks the first documented case of a Pegasus infection targeting a Russian citizen.
Furthermore, the attack took place in February, shortly after Russia outlawed Meduza due to its critical coverage of the government. While it’s unclear who was behind the hack, suspicions point to countries with ties to Russia, raising concerns about the safety of exiled journalists even in Europe.
Pegasus spyware is known for its ability to access calls, messages, photos, activate the device’s camera and microphone, and track the phone’s location. Despite receiving a warning from Apple in June that her phone might be a target for state-sponsored hackers, Timchenko’s iPhone was compromised.
Access Now and the University of Toronto’s Citizen Lab confirmed the Pegasus infection, emphasizing the potential risks to Timchenko’s contacts, particularly if they were from Russia, where cooperation with “undesirable” organizations can lead to persecution.
At the same time, the identity of the hackers remains unknown, but Pegasus is exclusively sold to government agencies. While there’s no direct evidence of Russian government involvement, countries with ties to Russia, such as Azerbaijan or Kazakhstan, could have acted on behalf of the Kremlin.
The incident highlights the challenges faced by exiled journalists who continue to be targeted both digitally and physically, underscoring the need for enhanced security measures for those reporting on critical issues in oppressive regimes.