Pegasus Spyware: what do you need to know?
5 min read
Pegasus spyware hit the headlines in the summer of 2021 — it was found installed and lying low on the phones of 14 heads of state. Originally created as a means to spy on criminal elements, it was now repurposed for seemingly non-criminal organizations. Here’s everything you need to know about Pegasus and what you can do to prevent it from infecting your phone.
What is the NSO Group?
The NSO Group is an Israeli-based cyberarms firm founded in 2010. The NSO Group claims to only deal with “authorized” governments rather than selling cyberware to wealthy, private citizens. The aim of its technology is to prevent and fight terror and crime.
The NSO Group has been the target of two lawsuits in recent years. The first was from the instant messaging app Whatsapp. The lawsuit alleged that the NSO Group created an exploit via the Whatsapp calling feature. This exploit allowed an injection of spyware. 1,400 users were a victim of this exploit, with around 100 of them being human rights activists, journalists, and other perceived threats to a government. The NSO Group denied targeting the victims but did not deny creating the exploit.
The second lawsuit revolves around Apple and the infamous Pegasus spyware. Apple filed a complaint in November 2021. Once again, this lawsuit was about a security exploit that was used to inject Pegasus onto devices.
What is Pegasus spyware?
The NSO Group’s Pegasus spyware is their most infamous creation. Pegasus was created as a means to collect important and sensitive data, primarily from cell phones, but Pegasus could also be installed on other devices. What made Pegasus particularly potent was how the victim didn’t need to accidentally install it or activate it themselves. It was a no-click exploit that triggered the spyware. For iPhone users in particular, all it took was opening an iMessage for the spyware to be triggered.
Once a phone has been infected with Pegasus, it can read messages and emails, listen to calls, record passwords, and even track visited locations. The first known case of a Pegasus infection was in 2016, when it failed to install onto the iPhone of a human rights activist.
Despite the claims that Pegasus was only to be used as a means of gathering information against potential terror threats, thousands of victims of Pegasus are merely activists and journalists, prompting Amnesty International to speak out. The organization claims that, while the NSO Group may not be personally targeting victims, it still needs to take responsibility for how its tech is being misused. Especially when that technology is found on the phones of important government officials around the world.
How can you detect Pegasus spyware?
Pegasus, as with a lot of spyware, is hard to detect. Luckily, Amnesty International’s Security Lab has developed a method that will let someone scan their iPhone or Android phone for any signs of Pegasus.
How can I check if my phone has Pegasus spyware?
You wouldn’t be paranoid to wonder if your phone is spying on you. To check for this spyware, use an identifying utility tool called Mobile Verification Toolkit, or MVT. This “open-source mobile forensics tool” can be found here. You’ll also find a detailed list of instructions. It’s a complex process, so it’s recommended that only those with enough tech savvy and programming experience attempt to use the toolkit.
For those who want to try, be aware that you’ll need Linux or macOS to compile the necessary files for the suspect device.
Who uses Pegasus spyware?
Pegasus spyware has been utilized by dozens of governments. Unfortunately, a large number of Pegasus’ clientele are from countries that don’t have the best record when it comes to human rights and freedom of information.
Saudi Arabia, Azerbaijan, India, and the United Arab Emirates have been some of the biggest customers of Pegasus spyware. Our Pegasus surveillance report goes into further detail regarding the full scope of Pegasus’ usage. For a piece of tech that advertises itself as only to be used for “serious crimes and terrorism,” many victims of Pegasus malware seem to be activists, journalists, and opposing government politicians.
Does the US government use Pegasus tracking?
It’s not much of a stretch to assume that the US government could be interested in using Pegasus malware — it wouldn’t be the first time that US citizens have been spied on by their own government.
The NSO Group tried to sell Pegasus to the Drug Enforcement Agency (DEA) and San Diego Police Department — both groups declined due to the cost of the software. In January of 2022, it was revealed that the Federal Bureau of Investigation bought Pegasus in 2019 and even considered it for domestic spying. After discussions with the Department of Justice, it was ultimately decided not to use Pegasus.
How does Pegasus spyware impact freedom of speech and the right to privacy?
When governments are using technology that’s supposed to be used to combat criminal threats and terrorism against those who are merely dedicated to revealing the truth to their countrymen, it’s a bad sign for overall human freedom. It gives oppressive governments another way of guaranteeing they stay in power — by spying on those who oppose their regime, they can eliminate potential scandals before they’re revealed.
