Pegasus (spyware)


Pegasus is spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.

As of September 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.6 using a zero-click exploit. While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, snooping on calls, collecting passwords, tracking location, accessing the target device's microphone and camera, and harvesting information from apps. The spyware is named after Pegasus, the winged horse of Greek mythology.

Cyber watchdog Citizen Lab and Lookout Security published the first public technical analyses of Pegasus in August 2016 after they captured the spyware in a failed attempt to spy on the iPhone of human rights activist Ahmed Mansoor. Subsequent investigations into Pegasus by Amnesty International, Citizen Lab, and others have garnered significant media attention, including in July 2021 with the release of the Pegasus Project investigation, which centered on a leaked list of 50,000 phone numbers reportedly selected for targeting by Pegasus customers.

NSO Group developed its first iteration of Pegasus spyware in 2011. The company states that it provides "authorized governments with technology that helps them combat terror and crime." NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.

Pegasus' iOS exploitation was identified in August 2016. Emirati human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates if he followed a link. Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated in collaboration with Lookout and found that, had Mansoor followed the link, it would have jailbroken his phone and implanted the spyware on it. The lure was a form of social engineering.

Citizen Lab and Lookout discovered that the link downloaded software to exploit three previously unknown and unpatched zero-day vulnerabilities in iOS. According to their analysis, the software can jailbreak an iPhone when a malicious URL is opened. The software installs itself and collects all communications and locations of targeted iPhones. The software can also collect Wi-Fi passwords. The researchers noticed that the software's code referenced an NSO Group product called "Pegasus" in leaked marketing materials. Pegasus had previously come to light in a leak of records from Hacking Team, which indicated the software had been supplied to the government of Panama in 2015. Citizen Lab and Lookout notified Apple's security team, which patched the flaws within ten days and released an update for iOS. A patch for macOS was released six days later.

Regarding how widespread the issue was, Lookout explained in a blog post: "We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code" and pointed out that the code shows signs of a "kernel mapping table that has values all the way back to iOS 7" (released 2013). The New York Times and The Times of Israel both reported that it appeared that the United Arab Emirates was using this spyware as early as 2013. It was used in Panama by former president Ricardo Martinelli from 2012 to 2014, who established the Consejo de Seguridad Pública y Defensa Nacional (National Security Council) for its use.

Several lawsuits outstanding in 2018 claimed that NSO Group helped clients operate the software and therefore participated in numerous violations of human rights initiated by its clients. Two months after the murder and dismemberment of The Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed suit in Israel against NSO Group, accusing the firm of providing the Saudi government with the surveillance software to spy on him and his friends, including Khashoggi.
