Thai human rights group iLaw, Southeast Asian internet watchdog Digital Reach and Toronto-based Citizen Lab Monday released a joint report claiming that multiple Thai democracy activists were targeted by a Pegasus spyware attack. The Pegasus software is owned by NSO Group, an Israeli firm, which claims to only sell its Pegasus software to government entities. 

Pegasus is a spyware for cell phones that allows the perpetrator of the attack to see texts, calls and in some cases, end-to-end encrypted messages, sent through applications such as WhatsApp. In its early form it was installed through “phishing” attacks, where an email or text was sent that a victim had to click on. Current versions work with both Android and IOS operating systems and do not require the victim to click on anything.

The report claims that several activists, both high- and low-profile, as well as funders of Thailand’s pro-democracy movement,  have been targeted by Pegasus attacks. Some of those targeted include Jatupat Boonpattararaksa, a well known protest organizer, Arnon Nampa, a human rights lawyer, and Inthira Charoenpura, an actress who publicly expressed support and assisted in funding protests. Overall, the report found at least 30 individuals that were affected by the virus.

During the time of the reported attacks, pro-democracy and anti-royal family protests were breaking out across Thailand between 2020 and 2021. The government cracked down on these protests using the lèse-majesté law, which bars citizens from “defam[ing], insult[ing] or threaten[ing]” certain members of the Thai royal family. Thousands of protesters have been arrested under the lèse-majesté law. 

The Thai government and NSO have yet to respond to the report.