The Pegasus Spyware Scandal

Estimated read time 5 min read

The world was first introduced to Pegasus in 2016 when an unsuccessful attempt was made to infiltrate a human rights activist’s iPhone. This incident not only brought Pegasus to the limelight but also led to considerable media attention and broad public concern. Due to its intricate architecture, Pegasus was soon recognized as the “most sophisticated” smartphone attack observed till that time.

An All-Seeing, All-Hearing Ghost

Imagine a ghost that can not only see and hear everything you do but also pickpocket you without you noticing. That’s Pegasus for you! This sly spyware can burrow into your mobile device, snatch your sensitive data, track your every move, eavesdrop on your private conversations, and even steal your Wi-Fi passwords. Think you’re safe? Think again.

Pegasus Hits Europe: Who’s Next?

Europe is reeling under the shadow of Pegasus. Political figures, journalists, activists – no one’s safe. In France journalists were targeted, with fingers pointed at Moroccan intelligence. It’s led to court battles and high-level talks, but for now, the outcomes remain top secret.

In Spain, the PM and Catalan leaders found themselves in the spyware’s crosshairs, leading to dismissals and investigations. And let’s not forget the UK, with Pegasus lurking on government networks.

The Pegasus Drama: Different Acts, Different Reactions

The story varies from country to country. Poland owned up to using Pegasus after weeks of denial. The resulting political whirlwind has seen an investigation into whether dissident groups were surveilled.

Contrast this with Hungary, where the case was dropped entirely. The verdict? No harm, no foul.

Pegasus Creeps into Germany and Belgium

Germany and Belgium have not escaped the Pegasus scandal either. Despite warnings, Germany’s federal criminal police allegedly bought Pegasus for their fight against terrorism and organized crime. In Belgium, and even the Netherlands, details remain murky, feeding into a growing climate of mistrust.

Pegasus Sinister Sibling: Predator

Pegasus isn’t alone in this spying game. Meet ‘Predator‘, a spyware sibling causing a significant stir in Greece. Marketed by a local company, it’s suspected of targeting journalists and an opposition leader. This led to the toppling of two high-ranking officials, although the investigation into the scandal seems to be hindered by obstacles from within.

Pegasus Capabilities

Pegasus spyware Capabilities
Pegasus spyware Capabilities

Pegasus stands apart from regular spyware due to its extensive and invasive capabilities. It is able to intercept text messages, monitor calls, extract passwords, and even access a device’s microphone and camera. These functions are facilitated by a process known as “jailbreaking”, which allows Pegasus to bypass a device’s security safeguards and gain unrestricted access.

Discovery of Pegasus’ Exploitation Techniques

Research institutions, Citizen Lab, and Lookout, unveiled that Pegasus exploits what are known as zero-day vulnerabilities. These are previously unknown and unpatched security flaws. Pegasus uses these vulnerabilities to prompt users into opening a malicious URL, which in turn allows the spyware to jailbreak the device, install itself, and start harvesting data.

Pegasus Spyware: Tracing its Exploits Through Historical Vulnerabilities

CVE-2016-4657: A Look Back at WebKit Memory Corruption

Hailing from a time when Safari WebKit was more susceptible, CVE-2016-4657 allowed an attacker to compromise a device when a malicious link was clicked. A stark reminder of the need for continual browser security enhancements.

CVE-2016-4655: Kernel Information Leakage – An Old Foe

CVE-2016-4655 presents a kernel base mapping vulnerability that facilitated information leaks to an attacker, aiding in calculating the kernel’s location in memory. Although addressed, it is a reminder of the importance of robust kernel protection in safeguarding system information.

CVE-2016-4656: Kernel Memory Corruption Leading to Stealthy Jailbreaks

Representing iOS kernel vulnerabilities from an earlier era, both 32 and 64-bit, CVE-2016-4656 allowed for silent jailbreaking of devices and subsequent installation of surveillance software. It demonstrates the necessity of ongoing vigilance against potential system-level breaches.

Real-world Impact of Pegasus

Pegasus is not just a theoretical threat. It has been actively employed in real-world instances, targeting activists, journalists, and political leaders globally. The Pegasus Project, an investigative task force, reported that this spyware was being leveraged against high-profile individuals as of 2021.

How NSO Group’s Pegasus spyware was found on Jamal Khashoggi’s fiancée’s phone, report by Frontline

The Aftermath of the Pegasus Project Investigation

The unveiling of Pegasus’s widespread use through the Pegasus project investigation sparked global outcry and demands for industry regulation. French President Emmanuel Macron was among those stunned to find his phone number on a leaked list of potential Pegasus targets. This discovery resulted in the initiation of numerous investigations in France.

As an Amazon Associate, Cyberwarzone earns from qualifying purchases.

Data Leak and Forensic Analysis

A significant data leak exposed over 50,000 phone numbers believed to be of interest to NSO Group’s government clientele. Forensic studies found close correlations between the timestamp of a number in the leaked data and the onset of Pegasus activity, sometimes with a difference of just a few seconds.

Potential Government Clients of Pegasus

Several governments have been identified as potential Pegasus clients, including Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates.

Want to learn more about Pegasus? Continue reading these reports;

Done reading? Continue with Best OSINT Tools For Social Media

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author