Mobile spyware rarely makes national headlines, but revelations about NSO Group using Pegasus spyware to spy on high-profile individuals catapulted the problem into mainstream media earlier this year.
Pegasus spyware is designed to let governments access a phone’s microphone, camera, and other data on both iPhone and Android devices. It’s also designed to be able to infect phones without requiring any action from the user and without leaving a trace, according to reports that came out earlier this year from a journalistic coalition called the Pegasus Project.
The software is a Trojan-style piece of malware that can often be installed with zero clicks and can begin to spy on devices with no interaction from the victim. Once Pegasus has been installed, it is able to extract personal information in a variety of ways. It can extract contacts, call logs, messages, photos, web browsing history, and settings, and it can gather information from apps including, but not limited to, the communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.
Where did Pegasus come from?
Pegasus was first discovered in 2016 when human rights defender Ahmed Mansoor received a text that promised him secrets about torture in United Arab Emirates prisons if he followed a link. In fact, that link would have jailbroken his phone and installed the spyware onto the device.
This led to an investigation by Citizen Lab, which suggested that the software had been in use for some time, as early as 2013. Since then, it has been reported that the software has been used by government actors in Armenia, Azerbaijan, Bahrain, India, Morocco, Palestine, Saudi Arabia and the United Arab Emirates.
It remained largely under the radar until earlier this year. In 2021, not-for-profit organization Forbidden Stories and Amnesty International received a list of 50,000 phone numbers believed to have been targeted by clients of Israeli cyberarms firm NSO Group. This led to an investigation called the ‘Pegasus Project’, which included over 180 journalists from around the world. The investigation found that the software is still widely used by authoritarian governments despite claims from the NSO Group that it was only used to combat terrorism and support law enforcement. These findings led to a huge reaction from the wider public, who were concerned that their governments might be utilizing the software for widespread surveillance of their citizens. Is that the case, however, and how does the software compare to commercial spyware offerings?
How does it compare to commercial spyware?
In its early versions, Pegasus was often implanted into devices via spear-phishing. However, since 2019 that has not been the case. For example, one more recent method of attack allows the device to be infected by means of a missed call on WhatsApp. This makes it a scary proposition for victims, as they will often not even know that it has been implanted.
Despite all this, the Pegasus software is very expensive compared to commercial spyware, which can be purchased for as little as $20. This means that Pegasus is far less common than other spyware applications, which pose a greater problem for most mobile owners. Furthermore, NSO Group does not make Pegasus available to the general public, meaning that the average snooper or hacker is not going to be able to make use of it. So, whilst Pegasus sounds scary, more common commercial spyware remains a much greater threat.
How Certo can help
If you are concerned about the Pegasus software, or other more frequently used spyware services, there is no need to fear. If you have an iPhone, our latest version of Certo AntiSpy has new and improved capabilities, meaning that it is able to detect Indicators of Compromise (IoCs) for advanced threats such as Pegasus, alongside other more popular spyware services. Similarly, you can use Certo Mobile Security to scan your Android device and remove any malicious apps with one tap.