Pegasus is a spyware from the Israeli company NSO Group designed for surveillance. The program breaks into a smartphone on the “zero-click” principle – when no victim’s participation is required.

How does Pegasus work?

Unlike most spyware, this software does not require any action from the user (for example, opening an attached file in a message or providing credentials). The virus penetrates Android, iPhone or BlackBerry phones completely unnoticed by the user and, after installation, is able to access all his data, as well as remotely activate the camera or microphone, geolocation and “read” the contents of encrypted messages, including Telegram or WhatsApp.

Pegasus is able to penetrate a phone through several security holes in it. In particular, according to IT experts , sometimes it is quite enough to open a message in iMessage or SMS: no clicks, phishing, or calls. The program uses a vulnerability in the code to hack. Moreover, this is not always reflected in the device’s memory – after a reboot, the traces of a hacker attack disappear.

“This kind of espionage has dramatic and, in some cases, even fatal consequences for ordinary men and women, themselves targeted as a result of their work to expose politicians’ misconduct or defend the rights of fellow citizens,” Forbidden Stories said in a statement.

Pegasus monitors keystrokes on the infected device – all written communications and searches, even passwords, and transmits them to the client, as well as gives access to the phone’s microphone and camera.

What does the developer say?

Created in 2011 by former military personnel from the Israeli army’s “8200” electronic intelligence unit, the NSO Group claims that it works with intelligence and law enforcement agencies in 60 countries exclusively in the fight against terrorism, and in general, its technology is used every day for eliminating networks of pedophilia and drug trafficking, finding missing and kidnapped children, survivors trapped under destroyed buildings and protecting the airspace from the penetration of dangerous unmanned aerial vehicles. “

In a statement to Forbidden Stories, NSO promises to continue to “investigate and take appropriate action on any credible allegations of abuse.” At the same time, the current scandal is not the first for the company: in 2019, a vulnerability was discovered in WhatsApp, with the help of which NSO monitored users of the messenger.

Who will be responsible for the hacks

Heads of state and government, as well as several members of Arab royal families, were also on the list of possible targets for Pegasus, investigators say. “In the case of Azerbaijan, there are officials of the highest and middle ranks, both deputies and employees of pro-government NGOs,” adds Khadija Ismayilova.

The activities of the NSO Group were condemned by IT giants. “These cyber attacks are very sophisticated, cost millions of dollars to develop, are short-lived and are used to target specific individuals,” said Ivan Krstic, head of security architecture and development at Apple. we continue to work relanlessly to secure all of our customers. “

“Dangerous spyware NSO Group used to commit horrific violations of human rights around the world, and it must be stopped”, – he wrote on Twitter the head messenger WhatsApp Will Cathcart. Can governments and businesses team up to stop hacking attacks on journalists and activists?

“In the legislation of most countries there are legal norms prohibiting the use of such programs,” Vladimir Ozherelyev, an expert of the Russian human rights project “Roskomsvoboda”, explains to Present Time. the purpose, which will not allow to bring the developers of Pegasus to responsibility. Nevertheless, persons who knowingly misuse the program, including the use of official position, may be held liable. ” The expert does not exclude that in some cases, victims of cyberattacks can seek compensation in national and international courts.

Who used the Pegasus

Spyware was used by security officials from different countries to fight terrorism.
Hungary, Azerbaijan, Kazakhstan, India, Israel, Bahrain, Mexico, Morocco, Rwanda, Saudi Arabia,UAE.

Who was being followed with Pegasus

Pegasus was used to hack the phones of independent journalists, activists, human rights defenders, the military and politicians, including ministers, heads of government, diplomats, and oppositionists.

In Hungary, the smartphones of two employees of the investigative publication Direkt36 were hacked.

In Azerbaijan, with the help of Pegasus, they followed 48 journalists who criticized corruption in the country.

They also hacked journalists from major publications with a worldwide reputation: CNN, Associated Press, New York Times, Wall Street Journal, Bloomberg, Financial Times and others.