Pegasus Spyware is Compromising Even the Most Secure Devices

A mobile EDR security company has recently found an alarming number of new devices infected with the Israeli Pegasus spyware.

Pegasus is a highly sophisticated spyware tool developed by the Israeli NSO Group. Over the past few years, this spyware has been used by repressive regimes to track the phones of journalists and human rights activists.

In 2019, after independent researchers at Citizen Lab discovered hundreds of abuse cases, Meta and WhatsApp filed a court case against the NSO Group. However, Pegasus was believed to be spyware used only against high-profile targets. Recently, iVerify’s investigation uncovered more phones that were infected with the spyware.

iVerify conducted a large-scale mobile threat investigation in May 2024, analysing 2,500 self-scanned devices using its Mobile Threat Hunting feature. The results found seven new phones of regular users infected with the Pegasus spyware. Based on this analysis, about 2.5 in every 1000 phones could potentially be infected. 

The phones were mostly infected around 2021 and 2022, with one device potentially being infected in late 2023. What is more alarming is that all seven of these are iPhones, which are known for being privacy-focused. 

Pegasus can remain undetected and remove itself afterwards, leaving no trace. While the report does not explain why these phones still had the exploit, it does raise concerns regarding the real number of devices that may have been compromised worldwide. 

Pegasus has been blacklisted in the U.S. since 2021. But it has been trying to make a comeback since the October 7 Hamas attack, according to a report by Wired. NSO Group is currently facing several lawsuits from journalists around the world. Apple also had a court case against them, which was recently terminated. 

There is no easy way to detect Pegasus on your smartphone. While it can be detected by running MVT (the Mobile Verification Toolkit) on Linux, this is a very advanced process requiring security experts’ involvement, and you may need to factory reset your phone to get rid of it. Without an easy detection process, it is very difficult to know if your phone is even affected. And given that Pegasus has exploited vulnerabilities in secure apps and devices like WhatsApp and iPhone, it’s clear that even the most privacy-focused users may not be immune to such sophisticated surveillance tools.
