Citizen Lab Exposes Mexican Government Targeting of Journalists and Activists with Pegasus

Citizen Lab publishes “Reckless Exploit,” documenting that at least 22 members of Mexican civil society were targeted with NSO Group’s Pegasus spyware between 2015-2017, including lawyers, journalists, human rights defenders, politicians, anti-corruption advocates, and public health workers. Among the targets is Carmen Aristegui, one of Mexico’s most prominent investigative journalists and a CNN contributor known for exposing government corruption. When phishing attempts fail to compromise Aristegui herself, the attackers target her teenage son.

The investigation reveals that Mexico was NSO Group’s first overseas client in 2011, less than a year after the firm’s founding, and signed a $20 million contract with the federal government in 2012. By 2017, Mexico has become “the first and most prolific user of Pegasus” according to the New York Times. The targeting involves sophisticated SMS messages with malicious links designed to exploit smartphone vulnerabilities and install surveillance software.

The report demonstrates systematic abuse of “anti-terrorism” surveillance technology against civil society, including targeting of anti-obesity campaigners who supported Mexico’s soda tax and lawyers representing families of murdered women. This marks the beginning of Citizen Lab’s “Reckless” investigation series that would ultimately document over 100 cases of abusive NSO Group targeting in Mexico alone, exposing how governments purchase commercial spyware marketed for counterterrorism but deploy it against domestic critics, journalists, and activists.