Pegasus is spyware (software that transmits data to a third party without consent) developed by a company in Israel (NSO Group) that has been used by several countries for surveillance. Pegasus has been designed to infiltrate phones that run Android and iOS and turn them into surveillance devices. The NSO Group has created one of the most powerful surveillance software ever and brands the software as something that will aid in the apprehension of criminals and is exclusively accessible to governments. 

Why is Pegasus software in the news lately?

The reason Pegasus has gained notoriety in recent times is that Forbidden Stories and Amnesty International shared a database of numbers believed to be of interest to NSO customers with different news organisations. Subsequently, these news organisations confirmed infections on some of those numbers and therefore broke the story. Pegasus has globally targeted over 30,000 phone numbers. Individuals that have been targeted include elected officials, current judges, journalists, activists and notable businesspeople. 

How does Pegasus work?

Pegasus is designed to take advantage of software flaws in phone operating systems that even the most up to date security patches cannot prevent. Recently, Pegasus has been able to infiltrate phones through a WhatsApp missed call and can even delete the record of the call afterwards so the victim is unaware that their device has been infected. Pegasus can also infect a device through a wireless transmitter proximal to the target device. 

What is the software capable of doing?

The capabilities of this software are diverse. It is capable of stealing any information from the device it infects ranging from text messages to emails to browsing history as well. Features of the phone can be exploited such as the microphone, which can be used to listen to phone calls or other conversations, the camera, which can be used to discreetly record content or even the GPS, which can be accessed without the device owner’s knowledge. 

Problems with the usage of the Pegasus software

The Pegasus software has been horribly misused by some governments purchasing them. The software was not created with the intention of surveilling journalists, activists, elected officials and the like. Preventing serious crimes and terror plots is the reason why governments have access to this software and exploiting it for illicit surveillance is a violation of the privacy rights of the respective governments’ citizens. 

Ways of preventing device infection

Two-factor Authentication and regularly changing passwords can be good insurance against spyware but even that is not foolproof against Pegasus spyware because of the subtle non-click methods of infection it employs. However, if there is suspicion that a device has been infected, Amnesty International has released an open-source software called the Mobile Verification Toolkit that is designed to find traces of the Pegasus software.