Why Pegasus is the most powerful smartphone spyware ever detected
On August 25 Apple advised all iPhone users to immediately install a security update to avoid being infected by the “Pegasus” spyware, which some experts are calling the “most sophisticated” software ever created to spy on smartphones.
The discovery of the Pegasus spyware on an iPhone came as a shock to the cyber security world. The software was created by the Israeli company NSO as a way to spy on Apple, Android and Blackberry smartphone users.
This cyber weapon is “by far the most sophisticated ever detected” on a mobile device, Gert-Jan Schenk, Europe and Middle East vice-president of Lookout – a company that analysed the virus – told FRANCE 24. He explained what is so unique about Pegasus.
FRANCE 24: What makes Pegasus different from other mobile spyware?
Gert-Jan Schenk: We’ve never seen spyware this sophisticated before. The user can’t detect the software on their smartphone, even after it has been contaminated. Plus, no data encryption can effectively protect against [Pegasus]. And its developers discovered three different security flaws that Apple didn’t know about.
If Pegasus can override data encryption, does that mean it is able to follow conversations on WhatsApp and Telegram?
You have to understand how Pegasus works. This spyware installs itself in the kernel of the phone – in other words at the heart of the operating system – which allows it to intercept conversations even before any encryption happens. It’s as if a spy could see what the user is typing on their keyboard. So basically the encryption of an app like WhatsApp or Telegram is useless against Pegasus.
Could this program be used to fight terrorist groups like the Islamic State (IS), some of whose members use Telegram?
Intelligence services can in effect use it for that purpose. It’s an unmatched tool for learning as much as possible about anyone since except for your spouse or partner, no one knows more about you than your phone.
Since regulation of cyber-weapons sales is very loose, NSO can decide to sell Pegasus to whomever they see fit. The company says that it will only sell the software to “authorised entities”, but they are the ones who decide what fits into that category. They could mean a repressive government or a state-run corporate espionage service. That regulatory vagueness is very dangerous when we’re talking about a digital weapon as dangerous as this.
But didn’t Apple issue a security update that should fix the problem?
First of all, the same software exists for Android and Blackberry, and we can assume that it is just as powerful. Second, Apple’s update only guarantees that Pegasus can no longer be installed on iPhones. But the spyware will continue to exist on smartphones that have already been contaminated, without the owners even noticing.
We’ll have to find out if the Apple update is effective against cyber spies who want to gain access to iPhones remotely.