Remix.run Logo
â–˛ freehorse 2 hours ago

> we note an overlap between the first infection and a previously identified Pegasus campaign targeting Russian and Belarusian-speaking exiled journalists and activists in Europe, suggesting a Pegasus customer with authorization to spy in multiple European countries is responsible.

Who has "authorization to spy in multiple European countries"?

In this older article [0] about one of the mentioned russian exiles case it is mentioned that estonia and netherlands have used pegasus outside their borders, but there could be also others with such license

> the Netherlands’ General Intelligence and Security Service (AIVD) and an unnamed Estonian government agency, appear to use Pegasus extensively outside their borders, including within multiple European countries

However if the link between the russian exiles cases and kouloglou checks (through use of same mode of attack), a country like estonia sounds more likely. However, it can always be that an agency with access to pegasus uses it collaborating with/on behalf of an agency without.

[0] https://www.accessnow.org/publication/hacking-meduza-pegasus...