Project Torogoz Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware

This report describes the results of a collaborative investigation into the abuse of NSO Group’s Pegasus spyware to target members of the press and civil society in El Salvador. The investigation led to the identification of 35 Pegasus-infected individuals (37 devices) among members of El Salvador’s media and civil society.

Our investigation began in September 2021 when a group of independent journalists contacted Access Now’s Digital Security Helpline after testing their devices using the Amnesty International Security Lab’s Mobile Verification Toolkit (MVT) tool to detect Pegasus spyware.

The resulting investigation was a collaboration between the Citizen Lab and Access Now, with investigative assistance and case referrals from Frontline Defenders, SocialTIC, and Fundación Acceso. We asked Amnesty International’s Security Lab to conduct an independent review of our analysis for a sample of cases, and they have confirmed our findings.

Like most central American countries, El Salvador has had a troubled history marked by authoritarianism, endemic civil war and numerous coups, official and clandestine foreign intelligence and military assistance (particularly during the Cold War), organized crime, corruption, and drug trafficking.

Leave a Comment