Pegasus, military-grade spyware created by a private Israeli cybersurveillance company called NSO, has been used to spy on over 50,000 people around the world, including journalists, politicians, and human rights activists.
This information comes from an investigation coordinated by Forbidden Stories, a French non-profit, and Amnesty International. These two organizations got hold of the list of 50,000 phone numbers targeted by Pegasus, with the numbers being mainly concentrated in countries with track records of surveillance and human rights abuse. Forbidden Stories and Amnesty International shared their findings with 17 media organizations which then conducted their own investigations.
Pegasus is a form of malware capable of infecting both iPhone and Android phones. Once a device has been infected, the spyware can extract text messages, emails, photographs, record calls, as well as covertly activate microphones and cameras. In practice, this means that malicious parties can gain access to nearly all forms of communication the surveilled person partakes in, even when they’re not actually using their phone.
The initial findings have revealed that the list of targeted people included multiple family members of one country’s ruler, 85 human rights activists, 189 journalists, 65 business executives, and over 600 politicians across 50 countries. Among targeted politicians, there were cabinet ministers, diplomats, and military and security officials. The journalists and editors in the list hailed from large media networks, such as CNN, Al Jazeera, and The Wall Street Journal.
The leaked data set does not reveal who planted the spyware or for what reason. NSO, the company that developed Pegasus, answered public inquiries through its lawyers. They stated that these are false claims and that 50,000 is an exaggerated number. Furthermore, they said NSO only sold Pegasus to vetted military, law enforcement, and security clients.
The question remains whether NSO is aware of how their spyware was used. Does the company know its product was utilized to spy on journalists and politicians or were its clients breaching contractual obligations and using the software for illegitimate spying operations?
Whatever the answer might be, these findings prompted discussions on whether we should work to more tightly regulate the use and development of surveillance technology. Until then, you can use this tool to check whether you’ve been targeted by Pegasus and work to improve the general safety of your devices.