Here’s all you need to know about Pegasus spyware

Governments around the world are facing allegations that they used Israeli-made malware Pegasus, created by the NSO Group, to spy on the phones of activists, journalists, corporate executives and politicians.

According to an expose by a global consortium of media publications, in India, phones of two serving union ministers, three opposition leaders, one constitutional authority, current and former heads of security organisations, administrators and 40 senior journalists and activists were allegedly bugged using the Israel spy software Pegasus and put on surveillance.

How exactly does the Pegasus spyware work? How does it get onto people’s phones — and what can it do once it’s there? How does Pegasus sneak its way onto a phone? Here’s something important you should know…

What is Pegasus?

Pegasus is a type of malicious software or malware classified as a spyware.

Spyware such as Pegasus is designed to gain access to your device, without your knowledge, and gather personal information and relay it back to whoever it is that is using the software to spy on you.

According to this report, Pegasus is “the ultimate spyware for iOS and Android”, and has been behind the “most sophisticated attack ever seen”

Pegasus is widely sought after because it can hack into iPads and iPhones despite Apple products being touted to be among the safest and best for data privacy.

To make matters worse, those operating the software can even turn on a phone’s camera and microphone to capture activity in the phone’s vicinity.

In all, according to this report, Pegasus “can monitor up to 500 phones in a year, but can only track a maximum of 50 at one go”.

How does it work?

Mobile phone users should keep an eye out for text messages.

A hacker would typically try to infect a victim’s device with Pegasus using a phishing link, mostly sent via a text message that looks innocent and benign.

Clicking on the phishing link would (without the victim’s knowledge) start the download of Pegasus on the device and set up a connection with a hacker’s command computer that could be thousands of miles away.

According to The Citizen Lab, in this way Pegasus can be used to gather a vast amount of victim information: “Passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps.”

According to this report, “Pegasus could even listen to encrypted audio streams and read encrypted messages”.

Then there are the other aspects that make Pegasus an extremely sophisticated software.

Who developed and uses Pegasus?

Pegasus has been developed by the Israeli firm NSO Group that was set up on 25 January 2010.

According to an Amnesty International report, the first name initials of the founders form the acronym ‘NSO’. The founders are Niv Carmi, Shalev Hulio and Omri Lavie.

NSO does not openly name who buys its software. But its website does say that its products are used exclusively “by government intelligence and law enforcement agencies to fight crime and terror”.

The Citizen Lab report in 2018 identified 45 countries, including India, Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates, where it is being used.

Clarification of NSO group

The report by Forbidden Stories is full of wrong assumptions and uncorroborated theories that raise serious doubts about the reliability and interests of the sources. It seems like the “unidentified sources” have supplied information that has no factual basis and are far from reality.

After checking their claims, we firmly deny the false allegations made in their report. Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims.

In fact, these allegations are so outrageous and far from reality, that NSO is considering a defamation lawsuit.

NSO Group has said that the claims that the data was leaked from our servers, is a complete lie and ridiculous, since such data never existed on any of our servers.

As NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi. We can confirm that our technology was not used to listen, monitor, track, or collect information regarding him or his family members mentioned in the inquiry. We previously investigated this claim, which again, is being made without validation.

We would like to emphasize that NSO sells it technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data.