Pegasus Spyware Scandal Escalates, Raising Pressure on Polish Government

Kwiatkowski said that the Audit Office had already pointed out in 2018 that the expenditure was illegal according to Polish law, because such purchases by the CBA should come from the state budget and face proper parliamentary scrutiny.

Marcin Bosacki, the opposition senator heading Tuesday's hearing, said the way the purchase was carried out indicates the governing Law and Justice, PiS party's intention to keep the spyware secret.

"The CBA at the time functioned as the private secret services of PiS," Bosacki said.

The evidence presented during the hearing indicated that high-level figures in the PiS government were coordinating the purchase of the spyware back in 2017.

Clients who buy the Pegasus software can use it to infect targets' phones, access any information on the devices and even other devices linked to it, and turn the phone into a spying tool by controlling its camera and microphone.

What has been revealed so far about the identity of the targets in Poland has seemed to back up the allegation that the governing party used the spyware to serve its political goals.

In December 2021, Citizen Lab, a cybersecurity unit at the University of Toronto, Canada, named some of the targets of the Pegasus spyware in Poland. The names included prosecutor Ewa Wrzosek and high-profile lawyer Roman Giertych, both of whom have been critical of the PiS government, and opposition parliamentarian Krzysztof Brejza.

In the first part of the Senate hearing on Monday, Citizen Lab senior researcher John Scott-Railton said that the spyware targeting of Brejza, which took place in 2019, was "very complex" and "one of the most aggressive forms of attack" that Citizen Lab, which studies the use of Pegasus across the world, had seen.<...