What is Pegasus Spyware and How it Works?

Amnesty International — part of the group that helped break the news of journalists and heads of state being targeted by NSO’s government-grade spyware, Pegasus — has released a tool to check if your phone has been affected.


Brief history of Pegasus:


2016: Researchers at Canadian cybersecurity organization The Citizen Lab first encountered Pegasus on a smartphone of human rights activist Ahmed Mansoor.


September 2018: The Citizen Lab published a report that identified 45 countries in which Pegasus was being used. As with the latest revelations, the list included India.


October 2019: WhatsApp revealed that journalists and human rights activists in India had been targets of surveillance by operators using Pegasus.


July 2021: The Pegasus Project, an international investigative journalism effort, revealed that various governments used the software to spy on government officials, opposition politicians, journalists, activists and many others. It said the Indian government used it to spy on around 300 people between 2017 and 2019.


French President Emmanuel Macron speaks on his Mobile Phone.

But what is Pegasus, who is it for, how does it infect devices, and what can it do?


The Pegasus spyware, developed by Israeli software company NSO Group, has targeted globally more than 50,000 phone numbers, including 300 in India, for surveillance.


What is Pegasus spyware?


A Spyware is any malicious software designed to enter your computer device, gather your data, and forward it to a third-party without your consent.

Pegasus, developed by NSO Group, is perhaps the most powerful spyware ever created. It is designed to infiltrate smartphones — Android and iOS — and turn them into surveillance devices.


The spyware in question, Pegasus, was developed by Israeli cybersecurity organization NSO Group, which sells its software to various clients, including governments, to track criminal and terrorist activity.


Pegasus can be used to infiltrate smartphones via apps like iMessage and WhatsApp, or by having victims inadvertently click a link containing the vulnerability. Spyware like Pegasus usually takes advantage of both known and unknown flaws in a computer’s operating system that have yet to be fixed.


In the past, software from NSO Group has demonstrated the ability to be installed on devices with zero interaction from the victim, as actions like receiving a call from someone attempting to infect a device was enough to successfully penetrate the operating system’s defenses without raising any alarms.


Like ransomware, the spyware exists in the smartphone’s memory, making detection difficult.


Once installed on a phone, Pegasus can intercept and steal more or less any information on it, including SMSes, contacts, call history, calendars, emails and browsing histories. It can use your phone’s microphone to record calls and other conversations, secretly film you with its camera, or track you with GPS.

The access granted by the Pegasus spyware appears to allow hackers to gather copious amounts of data from a smartphone without issue, according to the report. It allows hackers to read text messages and email correspondence, track a user’s location, activate systems like the microphone and camera, gain access to contact data, and more.


Who was targeted with Pegasus spyware?


While the leaked list provided by Amnesty International and Forbidden Stories contained around 50,000 phone numbers, that doesn’t necessarily mean the Pegasus spyware tool was used to compromise those phones. That being said, the number included various executives, government officials and pro-democracy activists, along with news reporters and journalists from outlets like Reuters, New York Times and The Guardian.


“Apple should block stuff like Pegasus,” says Swati Chaturvedi, an Indian investigative journalist who was potentially surveilled by the NSO software. “I have my doubts, whether it’s something they can’t fix, or whether it has been deliberately left unfixed.”


While your average smartphone owner might not be targeted by a nation’s government, the Pegasus revelations shed more light on our phones’ cybersecurity risks.



Is your smartphone vulnerable?


NSO Group responded to the allegations by denying its software was used on anyone besides its intended targets of criminals and terrorist organizations, and says it has taken steps in the past to stop clients who abuse the company’s surveillance technology.


While the number of hacked devices in the report pales in comparison to the billion-plus iOS devices in the world today, Pegasus spyware, unfortunately, reveals that no piece of technology is truly bulletproof. That doesn’t mean you should throw your phone in a Faraday cage, or go out and get an Android device (which are historically more vulnerable to malware attacks than iOS).


Apple maintains that iPhones provide users with a high level of security. It still claims the existence of a service like the Pegasus tool is a short-term threat, and not an issue for the vast majority of iPhone users.


Still, Apple did not state whether or not it had patched previous vulnerabilities dating as far back as 2018.

781 views