“Do you have any information that he is next? I’ve heard something completely different…” reads a message sent from an unknown number, accompanied by a link, which a BIRN journalist received via Viber on February 14 of this year.

At first glance, the message appeared to be from a potential source eager to share information. However, the unusual link and unknown sender raised red flags, suggesting it might be a phishing attempt. Just an hour earlier, another BIRN journalist had received a similar message from the same unknown number, according to BIRN.

After suspecting these messages were efforts to install spyware on their devices, BIRN reached out to Amnesty International’s security lab for help. The subsequent forensic analysis confirmed that the attacks utilized Pegasus spyware.

“Our investigation revealed that the messages contained links to a Serbian-language domain, which we are confident is associated with the NSO Group’s Pegasus spyware,” explains Donna O’Carroll, head of Amnesty International’s security lab.

Fortunately, the attack did not succeed because the journalists refrained from clicking on the link. Had they done so, Pegasus, one of the most sophisticated and invasive digital surveillance programs available, would have been installed on their phones, granting access to their messages, emails, camera, microphone, and files—without their awareness.

“Upon receiving the message, I was at home, which I view as an infringement on my privacy. The constitution guarantees that wiretapping and surveillance are prohibited while I am in my home. When I noticed that the sender was not in my contacts and communicated so directly without revealing their identity, it felt immediate and urgent. I responded with, ‘I don’t have this number saved; may I ask who is writing?’ but my message didn’t go through. When I attempted to call, the number was unavailable,” recounts the anonymous BIRN journalist. She emphasized, “Today it’s me; tomorrow it could be someone else. The story is what matters, not me.”

Jelena Veljković, a multi-award-winning BIRN journalist with over three decades of experience, also received a message from the same number at the same time.

“The message was obfuscated by Viber’s security measures. I hesitated to do anything that might trigger the installation. Although I could tell it contained a link, the specifics were hard to make out,” Veljković states. She immediately blocked the sender. “I might not have given it a second thought if I hadn’t later seen that another colleague received a message from the same number around the same time,” she adds.

This revelation troubled her, as it involved her private phone, which she also uses for work.

“The realization that someone has the motive and resources to deploy such software on devices, especially knowing the capabilities of Pegasus, is alarming. It could also serve as a warning, implying, ‘Be careful, we’re watching you.’ This is a concern because the attackers likely anticipated that BIRN journalists would be cautious about clicking the link. We can’t ascertain who is behind this attack. I have my own theories, but I’d prefer not to speculate. Perhaps it sends a message to all of BIRN,” Veljković reflects.

One incident, two journalists, identical attack method

On February 14, 2025, both journalists received messages from a Viber account registered to the phone number +381659940263, which is registered with Telekom Srbija and has since become unavailable.

Veljković received her message at 12:55 on her Android device without opening it. Another colleague received it less than an hour later, at 13:46, on her iPhone, containing Serbian text and a link to a Serbian domain.

Amnesty International’s forensic team has determined, with high certainty, that the domain linked in this message is associated with Pegasus spyware, based on evidence gathered over several years in investigating the misuse of this technology.

Since the BIRN journalist did not click the link, the installation of the Pegasus spyware on her device was unsuccessful. When Amnesty researchers accessed the link in a secure environment, it redirected to a fake N1 news website: https://n1info.com. Amnesty experts note that a previous attempt at a Pegasus “single-click” attack against a protest leader in Serbia in July 2023 also redirected to this same media site.

Amnesty International concluded that both incidents involving BIRN journalists represented attempts to infect them with Pegasus software utilizing the “1-click” method. Both messages were sent within an hour from the same Viber number to two journalists from the same newsroom.

A BIRN journalist, who wishes to remain anonymous and also has decades of award-winning experience, believes such espionage attempts will persist.

“I suspect we are not the last within our newsroom to face this. During that period, I had sensitive contacts—perhaps that’s why we drew attention. Many journalists have critical sources, so this won’t stop with just two of us. There’s no need for them to install spyware on us; we publish all our findings publicly, accessible to anyone. Investigative journalism is a form of patriotism. We’re not armed or dangerous; we strive to highlight the issues that will improve Serbia,” she asserts.

Amnesty International: The Serbian state is likely the instigator

NSO Group claims its products are only utilized by “government intelligence and law enforcement agencies to combat crime and terrorism.” In correspondence with Amnesty International, NSO Group asserts that its systems are “sold solely to verified government users.” They also stated their compliance with international human rights and export regulations, asserting they would not accept Amnesty’s findings until performing internal assessments.

In this investigation, Amnesty failed to identify any other government entity besides Serbia that would have an interest in targeting the two BIRN journalists. Amnesty International concludes that it is highly probable that individuals within the Serbian state apparatus, or agents acting on their behalf, were involved in deploying the Pegasus spyware against the BIRN investigative journalists. Alarmingly, NSO Group appears to continue facilitating the use of Pegasus in Serbia, despite two prior Amnesty reports underscoring its misuse. A license for Pegasus software costs between $20,000 and $30,000 per user.

Amnesty International reached out to the Security Information Agency (BIA) in November 2024 and again in March 2025, seeking a response to these findings, but no response had been received by the time of this report’s publication.

These incidents concerning the two BIRN journalists mark the fourth and fifth instances in the last two years where Amnesty International’s security lab has unveiled the use of Pegasus spyware against media and civil society representatives in Serbia. In November 2023, Amnesty and its partners, Access Now, SHARE Foundation, and Citizen Lab documented that two members of Serbian civil society were targeted by a zero-click spyware attack. Additionally, the investigation uncovered a previously unreported instance in July 2023 when a Serbian activist was targeted by a one-click attempt to infect with Pegasus.

Beyond earlier revelations indicating that Serbian security forces employ Cellebrite for mobile forensic analysis and NoviSpy tracking, which demands physical access, the use of Pegasus spyware raises the stakes, as it can be remotely installed on a victim’s phone without detection.

Legally problematic, professionally unacceptable, personally troubling

Rodoljub Šabić, the former Commissioner for Personal Data Protection, emphasizes that employing Pegasus and similar tools outside of criminal investigations or state security protection is punishable by law. “The illegal use of these tools by the government undermines the principles of a rule-of-law state and endangers multiple constitutionally guaranteed rights for citizens. This is particularly threatening for media and journalists, as it compromises one of journalism’s fundamentals: protecting the confidentiality of sources,” Šabić tells BIRN.

Milorad Ivanović, editor of BIRN Serbia, asserts that the attack on the two colleagues is an attack on the entire organization.

“Though the espionage attempt was sophisticated, the underlying message is primitive: it seeks to instill fear, demanding silence. This will not deter us; on the contrary, it will fortify our resolve to uncover truths, safeguard sources, and serve the public interest. You cannot stifle the truth using spyware. If anything, it makes it all the more necessary,” Ivanović states.

BIRN journalists express that this incident will not disrupt their investigative work. “While this situation is uncomfortable, it won’t deter me, as each person in the industry can contribute toward a more normalized society, if not entirely resolved,” shares Veljković.

Another BIRN journalist expresses anger at the breach, noting, “It’s unacceptable that someone intruded into my private space. I view this as an attempt to obstruct my work in challenging conditions. While it temporarily unsettled me, I’ll be even more cautious, which is a necessary practice in this day and age. I’ve always refrained from sharing sensitive information over the phone.”

News