A bombshell report hit the news on July 18, 2021, detailing how an Isreal-based company called NSO was selling spyware that hacked the phones of activists, business people, and heads of state from all over the world:
This was all revealed in a detailed report released by the Washington Post, titled the Pegasus Report, named after the name of the spyware that was being used.
Top Takeaways From The Pegasus Report
According to the report, almost 50,000 devices all over the world showed signs of this spyware in their system:
Some of the compromised devices belong to very powerful and influential people. Including French President Emmanuel Macron, Prime Minister of Pakistan Imran Khan, King of Morocco Mohammed VI, and many more.
In total 14 heads of state were on the list of people targeted by the Pegasus spyware.
And at least 37 of these devices were actively hacked or attempted to be hacked by the Pegasus spyware. This included the devices of people related to the late Saudi journalist Jamal Khashoggi, who was allegedly assassinated.
From the list of affected people, it was very clear that Pegasus was used to pretty intensely target a range of people including heads of state, political activists, and journalists:
Whereas, this spyware was supposedly intended to be only used against criminal enterprises and terror actors.
So who made Pegasus and how does it work?
Pegasus is made by an Israeli cybersecurity company called NSO, which is based in Herzliya, Israel. Like most emerging cybersecurity companies in Israel, the founders of NSO are former members of the infamous unit 8200 of the IDF:
Unit 8200 is a well-known Signal Intelligence unit of the IDF that carries out defensive and offensive cyber operations for the Israel Defense Force.
Pegasus is a remote access spyware tool that can be installed on any device. The most dangerous aspect of this spyware is that it seemingly doesn’t require any user interaction to be installed. This is extra dangerous since most people can avoid spyware by not clicking on suspicious links or downloading shady documents.
After the Pegasus is installed on the target device, it can access almost everything on that device. Ranging from text messages, emails, pictures, videos contact lists. If that wasn’t scary enough, it can also record phone calls and access the device’s camera and microphones on command.
The 50,000 People Exposed To Pegasus
According to Amnesty international, they first came across the list of 50,000 people that were exposed to this spyware. They then shared it with other independent cybersecurity researchers and the Washington Post:
Citizen Lab, a Canada-based non-profit also validated Amnesty International and Washington Post’s claims after they examined an infected device themselves.
But who would have access to this Spyware toolkit? According to NSO Group’s website, they only license its products to government intelligence and law enforcement agencies:
This means that intelligence and security agencies from all over the world have been buying the Pegasus toolkits, and indiscriminately have been using them against dissidents and foreign government officials.
The Global community is understandably upset that a cybersecurity company has been selling dangerous surveillance toolkits without remorse to anyone that can pay the price.