Paris (AFP) - At least a dozen Armenian journalists, NGO workers and officials had their phones hacked with the notorious Pegasus spyware while the country fought with Azerbaijan, a rights group said Thursday.
The Israeli-made malware, which can seize control of a smartphone's microphone and camera, hit global headlines when a leak in 2021 showed how governments used it to spy on critics, journalists and NGOs.
Access Now said their report was the first to document evidence of spyware being used in an international conflict.
The two neighbours fought a brief war in 2020 for control of Azerbaijan's mostly Armenian-populated region of Nagorno-Karabakh, after an earlier conflict in the 1990s.
The fallout from the wars continues with the two sides meeting for talks in Moscow on Thursday.
Access Now said its joint investigation with other NGOs and academic groups had confirmed 12 people had been targeted with Pegasus.
Among them were Armenia's human rights chief, journalists for Radio Free Europe and a United Nations official.
Anna Naghdalyan, who served as a foreign ministry spokeswoman for Armenia during the conflict, was among the hacking victims and said her phone had held sensitive information about the war.
"This was just another indicator that all (parts of) our life can be targeted," she told AFP.
War crimes risk
The NGO was first contacted by worried Armenians in November 2021, when Apple warned that their phones could be vulnerable to the spyware, developed by Israel's NSO Group.
Access Now said the hacking was at its most intense during the conflict in late 2020 and the tense months afterwards, when the two sides engaged in peace talks and sporadic clashes.
The NGO said it could not be 100 percent sure who had carried out the surveillance as both countries have deployed spyware in the past.
"While the covert nature of surveillance tech means there aren't always clear breadcrumbs that lead to a perpetrator, circumstances and precedent point to Azerbaijani authorities," Access Now's Senior Humanitarian Officer Giulio Coppi told AFP.
Access Now called for a global moratorium on the sale of spyware until such programmes can be made compliant with international law.
"Providing Pegasus spyware to either of the countries' authorities in the context of a violent conflict carries a substantial risk of contributing to and facilitating serious human rights violations and even war crimes," said the report.
"This investigation shows that NSO Group not only failed to learn its lesson, but has doubled down on its abuses."
NSO, which faces multiple lawsuits from Apple and others, has repeatedly insisted it sells its software only to government clients and only for peaceful purposes.
But the 2021 leak suggested there were around 50,000 potential victims of Pegasus around the world, many of whom were dissidents, journalists and activists.