Pegasus // The World’s Most Invasive Spyware
By Tibor Moes / Updated: July 2024
Pegasus
Imagine a tool so powerful, it can infiltrate your smartphone without you clicking a single link, turning it into a 24-hour surveillance device.
This spyware watches your every move – your 3000 photos, embarrassing browsing history, corny messages, and even your current location – all without you noticing. This is …Pegasus
- Edward Snowden: “This is everywhere. This industry should not exist.”
- Eyal Weizmann: “Cyber weapons are weapons. People get killed.”
- Benjamin Netanyahu: “With a click, you can bring nations to their knees.”
Real-World Examples
September 2014 – In the quiet Mexican town of Iguala, a horrific event unfolded. Local police detained 43 students from the Ayotzinapa Rural Teachers’ College. They disappeared without a trace.
The government quickly claimed the students were killed by a cartel. But the story didn’t add up. Protests erupted, demanding the truth.
Carmen Aristegui, a renowned journalist, took on the investigation. She uncovered evidence suggesting deeper state involvement. Her relentless pursuit kept the Ayotzinapa case in the public eye.
In January 2016, during her investigation, Carmen Aristegui, her colleagues, and even her son started receiving suspicious text messages. These messages often pretended to be from the U.S. Embassy, but also included more personal ones.
The situation escalated in 2017 when Javier Valdez Cárdenas, a respected journalist known for his reporting on drug cartels, was brutally assassinated on May 15. Ten days later, his wife, Griselda Triana, received similar suspicious messages that exploited her grief.
But…Who was behind these messages? Citizen Lab, a research group at the University of Toronto, revealed the truth. These messages contained links designed to infect their phones with Pegasus spyware, aiming to monitor and intimidate those seeking justice and truth.
What is Pegasus?
In 2010, the Israeli cyber intelligence firm NSO Group launched a powerful surveillance tool called Pegasus.
It can infiltrate smartphones and extract data without the user’s knowledge, compromising any iOS or Android device.
Pegasus quickly became NSO’s most important product, marketed as a tool to combat terrorism and serious crime.
Who are the Targets?
But behind its noble facade, Pegasus found its way into the hands of oppressive regimes. Forbidden Stories, a consortium of investigative journalists, discovered widespread misuse of Pegasus, contrary to NSO Group’s claims.
Instead of targeting criminals, Pegasus spyware has been used to spy on journalists, human rights activists, and political opponents. In fact, since 2015, at least 45 countries have used Pegasus to surveil over 600 politicians and government officials, 64 business executives, 189 journalists, and 85 human rights activists. Can you imagine the scale of this surveillance?
More than 50,000 phone numbers have been identified as potential targets. Even the French President and other state leaders were very likely attacked by Pegasus in 2019.
So, who are the targets? Anyone who dares to speak out, stands up for human rights, and challenges the status quo.
Who are the Buyers?
NSO Group denies any wrongdoing, claiming Pegasus is intended for use against malicious actors, available only to military, law enforcement, and intelligence agencies from countries with good human rights records. But is that the truth?
Despite these claims, the reality paints a different picture. NSO Group’s clients include governments with poor free speech records like Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the UAE.
In Mexico, even drug cartels reportedly used these tools to target journalists reporting on their activities, as in the case of the assassinated Javier Valdez Cárdenas, with his colleagues and widow also being targeted by the spyware.
Similarly, governments with questionable human rights records, like Saudi Arabia and the UAE, have been accused of using Pegasus to suppress opposition and monitor critics, such as the hacking of Jamal Khashoggi’s associates before his murder.
In the wrong hands, Pegasus isn’t just a tool for security; it’s a weapon for control.
How Does Pegasus Work?
So, how does Pegasus work? The earliest version, discovered in 2016, infected phones through spear-phishing links— simple text messages via SMS, WhatsApp or iMessage that tricked the target into clicking a malicious link.
But Pegasus didn’t stop there.
NSO’s attack capabilities have since become more advanced. Now, Pegasus can infect phones through ‘zero-click’ attacks. What does this mean? It means your phone can be compromised without you ever clicking a link.
These attacks exploit ‘zero-day’ vulnerabilities – flaws or bugs in an operating system that the manufacturer doesn’t yet know about, and therefore, hasn’t fixed.
Pegasus is designed to be highly stealthy and resilient. It can remove itself from the device if there’s a risk of detection.
But how can you protect yourself from such a powerful tool? While there are no absolute solutions, especially against zero-click exploits, there are steps you can take.
Keep your device software up to date. Avoid clicking on suspicious links. Use a VPN when on public Wi-Fi. And install an antivirus program. These steps can reduce your chances of falling victim to malicious attacks.
Researching a reliable antivirus can be a real hassle. But don’t worry. We at SoftwareLab did the heavy lifting for you. Check out our comparison and find the best solution for you!
Impact and Implications
Once installed, Pegasus gains full control over the device. It can read texts, emails, and instant messages, even those sent through encrypted apps like WhatsApp and Signal. Pegasus can track the target’s movements in real-time using GPS data, record conversations, capture images without consent, and collect passwords, contact lists, calendar events, and browsing history.
What does this mean for victims? The impact on mental health is profound. Constant monitoring creates fear and stress, a form of digital violence. Freedom of expression suffers—journalists and activists may self-censor, avoiding sensitive topics out of fear. Even worse, governments using Pegasus normalize surveillance, eroding privacy rights.
The development and use of advanced spyware like Pegasus escalate the cyber arms race. Nations and non-state actors seek to develop more sophisticated surveillance and cyber warfare capabilities. Aren’t the very criminals and unlawful actors that NSO claims to combat the ones being armed instead?
And what about democracy? In a world where leaders and opponents can be spied on, the balance of power shifts. Surveillance can manipulate, intimidate, and control political discourse.
But what happens when such power is recognized as a threat?
Current Developments
In November 2021, the Biden administration blacklisted NSO Group, calling them a national security risk. This move aimed to stop U.S. entities from doing business with NSO and sent a strong message against their practices.
Fast forward to 2024, a U.S. district court ordered NSO Group to hand over documents and source code related to Pegasus to WhatsApp. This is part of a lawsuit WhatsApp started in 2019, claiming Pegasus targeted 1,400 of its users.
Apple is also fighting back. In early 2024, a U.S. court rejected NSO’s attempt to dismiss Apple’s lawsuit. Apple claims NSO violated computer fraud laws.
But Apple isn’t stopping there. They’re rolling out new security features like Lockdown Mode to protect users from threats. Plus, they’ve set up a $10 million fund to support organizations fighting spyware.
These actions by the U.S. government, WhatsApp, and Apple show a growing global pushback against spyware vendors. The goal is clear: to protect people from unlawful surveillance and hold the responsible parties accountable
Conclusion
Pegasus represents an entire industry of spyware sold to governments worldwide. This multi-billion-dollar industry operates with minimal regulation, and the misuse of Pegasus has destroyed lives and invaded privacy on an unprecedented scale.
How can we prevent such crimes in the future? One solution could be creating an independent body to oversee the use of such software. This body would establish strict guidelines, conduct regular audits, and ensure transparency and accountability.
But one thing is clear: this technology is here to stay. As spyware becomes more advanced, our efforts to protect privacy and human rights must evolve as well.
Stay safe online.
Author: Tibor Moes
Founder & Chief Editor at SoftwareLab
Tibor has tested 28 antivirus programs and 25 VPN services, and holds a Cybersecurity Graduate Certificate from Stanford University.
He uses Norton to protect his devices, NordVPN for his privacy, and Proton for his passwords and email.