Pegasus Spyware: 6 Biggest Questions Answered

Your government could be using it to spy on you.


Computer technology has always been touted as a valuable asset in the modern world, so much that it is said that the next World War could be based around cyber warfare. Consolidating this prediction, reports have emerged claiming that several governments across the world are illegally tracking important politicians and journalists using Israel-based NSO Group’s malicious software program called “Pegasus.”

What Is Pegasus?

Named after a mythical creature, Pegasus is a spyware program — software used to remotely monitor a target — created by NSO Group Technologies, based near Tel-Aviv. Historically, Pegasus has been instrumental in several international incidents, from the capture of a Mexican drug lord to the leak of Amazon founder Jeff Bezos’s WhatsApp texts.

It has come under fire again recently after a report suggested thousands of key figures from around the world might have fallen victim to this spyware.

How Does Pegasus Work?

Over the years, Pegasus has employed various methods to successfully infect a device. Earlier, it used a technique called “spear-phishing,” which involves sending a malicious link to the target. As soon as the link was clicked, Pegasus gained access to the device and, within hours, the phone’s data would be shared with the perpetrator.

However, these days a smartphone’s security has become more robust; the spyware now relies on an upgraded version of “zero-click attack.” In this, the perpetrator can infect a target device without waiting for any response from the potential victim.

Therefore, Pegasus doesn’t have to wait for any link to be clicked anymore, the spyware can easily infect a phone with something as simple as making a WhatsApp call.

pegasus working attack

Who Is Spying?

The creator of Pegasus, NSO Group, works closely with the Israeli Govt; obviously the latter makes the most out of Pegasus’s surveillance capabilities.

However, other potential clients are not left out either as the company shares the technology with a select group of governments from around the world. These overseas clients include India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, and the UAE.

Who Is The Target?

Although it is impossible to precisely gauge the extent to which a government decides to use Pegasus, this spyware is usually aimed at journalists — mostly those who pose a problem for the government.

One such incident, in which Pegasus was allegedly leveraged by a government, was when Saudi Arabian journalist and dissident Jamal Khashoggi was murdered in 2018.

Who Is Working To Stop Pegasus?

Non-profit organization Forbidden Stories, human rights organization Amnesty International, and a global network of 80 journalists from 17 media groups came together to investigate how governments use Pegasus to illegally snoop on people of interest.

The investigative effort is called “The Pegasus Project.” In its latest report, it revealed gaining access to a database of 50K phone numbers belonging to people whose phones might be infected with the spyware.

What Is The Indian Government’s Take?

Given reports have claimed the Indian government is one of NSO Group’s foreign clients for Pegasus. A list of potential targets, including the phone numbers of more than 40 Indian journalists from various media organizations, was leaked on the internet. In addition, forensic tests have already confirmed a Pegasus attack on at least 10 of the listed phone numbers.

The aforementioned claims were refuted by the Indian government and the NSO Group alike. While the Indian government re-assured that “the commitment to free speech as a fundamental right is the cornerstone of India’s democratic system,” the Israeli tech firm simply denied the report having any link to Pegasus.

Is the Indian government, along with others, sneaking into the phones of their own people, or are the reported leaks just fabrication? Do share your thoughts in the comments below.

Priye Rai

Priye Rai

Priye is a tech writer who writes about anything remotely related to tech, including gaming, smartphones, social media, etc. He prefers to be called a "video game journalist" and grimaces when he doesn't get to be "Player 1." If you want to share feedback or talk about games, reach out to @priyeakapj on Twitter.
More From Fossbytes

Latest On Fossbytes