News

The Pegasus Project: what happened and how to protect yourself

More than 180 journalists were discovered in a database of phone numbers designated for potential espionage, thanks to a leak of documents given to the Forbidden Stories journalistic collective and Amnesty International. The choice of targets for surveillance was made by clients of the Israeli company NSO Group, which specialises in the production of spyware that it sells to governments around the world. Its primary product, Pegasus, can compromise a mobile phone, extract all data from it and activate the microphone to record conversations.

In addition to journalists, among the 50,000 people suspected of being targeted by state structures from around the world, there were activists, academics and even top public officials.

Targeted surveillance

Pegasus enables targeted compromitation of mobile phones, by hacking through malicious links or technical vulnerabilities in popular applications. In that way, it is possible to target a predetermined person and confidential information stored on their phone – correspondence with journalistic sources, business and state secrets, information on political plans and actions and the like.

Spyware

Spyware is a type of malware that collects data from an infected system and passes it on, usually to the person who created it. With such malware, passwords, personal data, correspondence, etc. can be collected without authorisation.

Pegasus

Use of software for iOS was discovered in 2016, but is believed to have been in use since 2013. Although NSO Group claims that Pegasus is intended to fight terrorism and international crime, human rights organisations have identified the use of software in authoritarian regimes against civic activists and dissidents, including the assassinated Saudi journalist Jamal Khashoggi.

Who is using it

Among NSO Group customers are primarily state bodies authorised for conducting surveillance and interception of communications: intelligence and security agencies, police services and the military. Although information on 40 unnamed buyer countries is currently available, the Pegasus Project findings indicate that the spyware was used in Hungary, Azerbaijan, Bahrain, Mexico, Morocco, Saudi Arabia, Kazakhstan, Rwanda, India and the United Arab Emirates.

How it infects the device

The software is intended for devices running the Android operating system, as well as some iOS versions, and exploits several different flaws in the system. Infection vectors include link opening, photo apps, the Apple Music app and iMessage, while some require no interaction to run the software (zero-click).

What can it access

With Pegasus, attackers can reportedly gain access to virtually all data stored in the target’s smartphone, such as contents of SMS correspondence, emails and chat apps, photos, videos, address book, calendar data or GPS data. There are also options for remotely activating the phone’s microphone and camera and recording calls.

What can I do

Related content

Digital Rights Summer School: Where Is AI Leading Us

The second Digital Rights Summer School was held from July 23rd to 29th in Perast, Montenegro, with more than 50 participants and lecturers coming together to exchange and acquire knowledge about current issues at the intersection of society, technology, and human rights. The Digital Rights Summer School is organised by the SHARE Foundation in cooperation with the European […]

Revealing NoviSpy: Technical Analysis of a Serbian Android Spyware

How forced-root installation, systematic permission abuse, and stealth SMS command-and-control expose Serbia’s expanding digital repression By: Janko Marković In recent years, state-driven surveillance in Serbia has intensified considerably, evolving from sporadic interventions into a more systematic form of digital repression. Within this troubling landscape, NoviSpy has emerged as a custom-built Android spyware, reportedly engineered to […]

Green politics and digital society: join us!

The Digital/Green/Society, 14-16 May, Belgrade The issues of climate crises and the rapid development of information technologies are closely related, although the public generally does not discuss it enough. The processes of exploitation of natural resources for the purpose of creating and maintaining the global digital infrastructure have an increasing influence on socio-political relations. If […]