2 min read

Exiled Russian journalist claims "European state" hacked her iPhone with Pegasus spyware


September 26, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Exiled Russian journalist claims "European state" hacked her iPhone with Pegasus spyware

The co-founder and publisher of Meduza, a news outlet outlawed in Russia for its independent reporting and stance on the war in Ukraine, believes that a country in the European Union was behind the hacking of her iPhone with military-grade spyware.

Galina Timchenko, who has been declared "undesirable" by the Kremlin and lives in exile in Europe, is thought to have joined a long line of journalists to have been spied upon by the notorious Pegasus spyware, developed by Israel's controversial NSO Group.

Earlier this month, Meduza itself described how security experts had discovered that Timchenko's iPhone had been infected with Pegasus on February 10, 2023 - giving hackers total access to the device, including its messages, emails, calls, photographs, and microphone.

Timchenko first became aware that her phone may have been hacked after receiving a warning from Apple.

The Latvian-based media company was understandably concerned that not only could corporate passwords and correspondence have been stolen by hackers, but also the names of staff, and - most worryingly - the names of Meduza's sources and collaborators within Russia.

The day after Timchenko's iPhone was hacked she participated in a confidential meeting in Germany, raising concerns that whoever hacked the device could have used it to secretly listen in and record anything said within its earshot.

It would be understandable, considering the history of Meduza and Timichenko, that Russia would be strongly suspected of using the NSO Group's Pegasus spyware to spy upon the outlet's publisher.  However, researchers at Citizen Lab - who examined Timichenko's iPhone - say they have seen no evidence of Russia using Pegasus.

As The Guardian reports, Timichenko and Meduza's current editor-in-chief Ivan Kolpakov say that circumstantial evidence points to an EU state being the likely perpetrator behind the hack of Timichenko's iPhone.

At least three other Russian journalists who have smartphones based in Latvia are said to have received alerts from Apple suggesting they have fallen victim to the Pegasus spyware.

According to researchers at Citizen Lab and Access Now, Latvia - a European Union member since 2004 - appears to be a customer of  NSO Group, but evidence does not exist that the country has the ability to use Pegasus outside its borders.

Timichenko, who has lived in Latvia for almost a decade, has highlighted tensions that have arisen between the Latvian authorities and Meduza since it showed support for TV Rain, a Russian TV station based in Latvia, that lost its broadcasting license over its critical reporting of the war in Ukraine.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like