Pegasus is a spyware software created by an Israeli cyber hacking group called NSO Group. It is used to collect information from voice communications, camera, email, messaging, GPS, passwords, and contact lists, according to LookOut.
This is a threat to privacy, as mobile platforms become the perfect ground to get sensitive information from target victims, and well-resourced threat actors are regularly exploiting that mobile environment.
In a story by Lusaka Times, ‘Pegasus works on phones running Android, BlackBerry OS, and iOS operating software. It can be installed simply by clicking on a link, which is often designed to look like a message from a source or a breaking news story.’
CitizenLab carried out a survey of which countries operate the Pegasus spyware and found this:
“We found suspected NSO Pegasus infections associated with 33 of the 36 Pegasus operators we identified in 45 countries: Algeria, Bahrain, Bangladesh, Brazil, Canada, Cote d’Ivoire, Egypt, France, Greece, India, Iraq, Israel, Jordan, Kazakhstan, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, the Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, Singapore, South Africa, Switzerland, Tajikistan, Thailand, Togo, Tunisia, Turkey, the UAE, Uganda, the United Kingdom, the United States, Uzbekistan, Yemen, and Zambia. As our findings are based on country-level geolocation of DNS servers, factors such as VPNs and satellite Internet teleport locations can introduce inaccuracies.”
In July 2018, Israeli authorities arrested a former NSO Group employee for stealing the source code of the Pegasus spyware and attempting to sell it on the Dark Web for $50 million, as reported by ZDNet.
CitizenLab also reported: “We identify five operators focusing on Africa, including one that appears to be predominantly focusing on the West African country of Togo, a staunch Israel ally whose long-serving President has employed torture and excessive force against peaceful opposition. The operator in Togo may have used websites with names like “nouveau president” (“new president”) and “politiques infos” (“political information”) to infect targets with spyware. A separate operator that appears to focus on Morocco may also be spying on targets in other countries including Algeria, France, and Tunisia.”
How can one tell they have the spyware on their phone?
Lookout Mobile Endpoint Security can detect the presence of Pegasus and alert you of existing infections as well as any new infections. Lookout is also best positioned to track and protect against targeted threats like Pegasus because it’s a mobile-focused security company. Check if you’ve been impacted by Pegasus using these instructions here.