What is Pegasus and how can I check if I have been affected?

Over the past week, you may have seen an investigation called the Pegasus Project in the news. A company called the NSO Group have reportedly been selling a piece of spyware, known as Pegasus, to governments worldwide. The spyware is able to infect Android and Apple devices and, once installed, it can provide access to messages, photos, and emails – without the user’s consent.

The NSO Group have said that Pegasus is only used on criminals and terrorists. However, the investigation, led by Forbidden Stories and Amnesty International, has identified 50,000 potential targets of the spyware. This has included journalists, lawyers, politicians and world leaders.  

But what is Pegasus, and how do you know if you’ve been affected? 

What is the Pegasus hack? 

Pegasus is a form of spyware that is used to monitor and track a user’s movements on their phone. Previously, it could only be installed if someone had clicked a malicious link. However, the spyware can now infect a device without requiring the user to click a link, via a zero-click attack. For example, a phone could become infected by simply receiving a WhatsApp call, even if the call was never answered. In 2019, this method was used to send NSO’s software to more than 1400 devices.

Once installed, Pegasus is able to access pretty much everything on a user’s device – from calls, photos and messages, through to the camera, microphone and location information – all without the user knowing. The spyware then harvests this information and passes it on to the attacker.

How do I know if I’ve been affected? 

As the spyware has mainly been used on influential business leaders, journalists or politicians, it is unlikely that the average person has been affected. However, there are a couple of ways to check if your phone has been infected: 

  • iVerify, a security app for iPhone and Android users, is able to detect Pegasus on a user’s phone. The app looks for signs of compromise, for example, malicious files, and provides real-time updates of traces of Pegasus on the device. The app is Apple-approved, but is also available to Android users via Google Play. 
  • Amnesty International has developed a utility called the Mobile Verification Toolkit (MVT) which is also able to identify Pegasus spyware on a device. It works by saving a backup copy of the data from the smartphone on a computer, before scanning for Pegasus spyware. It is compatible with Android and iOS, but is tricky to install. The utility needs to be compiled for a specific device, which can only be done on a computer with an operating system called Linux.
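
The "scan" step of a backup-based check comes down to comparing records recovered from the backup against published indicators of compromise. The sketch below is an added illustration, not MVT's own code and not part of the original post: it assumes the indicators arrive as a STIX2-style JSON bundle of domain patterns, and every domain, URL and function name in it is constructed for the example.

```python
import json
from urllib.parse import urlsplit

# Constructed STIX2-style bundle; the domains are placeholders, not real indicators.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "objects": [
        {"type": "malware", "name": "ExampleSpyware"},
        {"type": "indicator", "pattern_type": "stix",
         "pattern": "[domain-name:value='bad-cdn.example']"},
        {"type": "indicator", "pattern_type": "stix",
         "pattern": "[domain-name:value='tracker.invalid']"},
    ],
})

# Constructed records standing in for URLs recovered from a phone backup.
SAMPLE_HISTORY = [
    "https://www.example.org/news",
    "https://a1b2.bad-cdn.example/x?id=1",
    "http://TRACKER.invalid:8080/",
    "https://notbad-cdn.example/",   # look-alike, must not match
    "not a url",
]

def load_domain_indicators(bundle_text):
    """Collect the domains named by simple domain-name patterns in the bundle."""
    prefix, suffix = "[domain-name:value='", "']"
    domains = set()
    for obj in json.loads(bundle_text).get("objects", []):
        pattern = obj.get("pattern", "").strip()
        if (obj.get("type") == "indicator"
                and pattern.startswith(prefix) and pattern.endswith(suffix)):
            domains.add(pattern[len(prefix):-len(suffix)].lower())
    return domains

def host_matches(host, domains):
    """True if host equals an indicator domain or is a subdomain of one."""
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in domains for i in range(len(labels)))

def scan_urls(urls, domains):
    """Return the URLs whose hostname matches an indicator domain."""
    hits = []
    for url in urls:
        host = urlsplit(url).hostname  # None for strings that are not URLs
        if host and host_matches(host, domains):
            hits.append(url)
    return hits

if __name__ == "__main__":
    for hit in scan_urls(SAMPLE_HISTORY, load_domain_indicators(SAMPLE_BUNDLE)):
        print("indicator match:", hit)
```

Matching on whole domain labels rather than substrings is what keeps the look-alike host in the sample from being reported as a hit.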
