Don't miss




Controversial rapper cancels Bataclan concerts

Read more


Brett Kavanaugh hearings: Trump challenges Supreme Court nominee's accuser

Read more

#THE 51%

One is not enough: China to encourage people to have more children

Read more


A Pulitzer Prize-winning 'Trajectory': Richard Russo on writing small town America

Read more

#TECH 24

Hacking the body, and the mind: The future of connected humanity

Read more


Colombia: Cursed by coca in Catatumbo

Read more


Britain’s Labour Party: No home for Jews?

Read more


Outfoxed: The mystery of the ‘Croydon Cat Killer’

Read more


Backstage at the Moulin Rouge

Read more


Why Pegasus is the most powerful smartphone spyware ever detected

© © iStock

Text by Sébastian SEIBT

Latest update : 2016-08-27

On August 25 Apple advised all iPhone users to immediately install a security update to avoid being infected by the “Pegasus” spyware, which some experts are calling the “most sophisticated” software ever created to spy on smartphones.

The discovery of the Pegasus spyware on an iPhone came as a shock to the cyber security world. The software was created by the Israeli company NSO as a way to spy on Apple, Android and Blackberry smartphone users.

This cyber weapon is “by far the most sophisticated ever detected” on a mobile device, Gert-Jan Schenk, Europe and Middle East vice-president of Lookout – a company that analysed the virus – told FRANCE 24. He explained what is so unique about Pegasus.

FRANCE 24: What makes Pegasus different from other mobile spyware?

Gert-Jan Schenk: We’ve never seen spyware this sophisticated before. The user can’t detect the software on their smartphone, even after it has been contaminated. Plus, no data encryption can effectively protect against [Pegasus]. And its developers discovered three different security flaws that Apple didn’t know about.

If Pegasus can override data encryption, does that mean it is able to follow conversations on WhatsApp and Telegram?

You have to understand how Pegasus works. This spyware installs itself in the kernel of the phone – in other words at the heart of the operating system – which allows it to intercept conversations even before any encryption happens. It’s as if a spy could see what the user is typing on their keyboard. So basically the encryption of an app like WhatsApp or Telegram is useless against Pegasus.

Could this program be used to fight terrorist groups like the Islamic State (IS), some of whose members use Telegram?

Intelligence services can in effect use it for that purpose. It’s an unmatched tool for learning as much as possible about anyone since except for your spouse or partner, no one knows more about you than your phone.

Since regulation of cyber-weapons sales is very loose, NSO can decide to sell Pegasus to whomever they see fit. The company says that it will only sell the software to “authorised entities”, but they are the ones who decide what fits into that category. They could mean a repressive government or a state-run corporate espionage service. That regulatory vagueness is very dangerous when we’re talking about a digital weapon as dangerous as this.

But didn’t Apple issue a security update that should fix the problem?

First of all, the same software exists for Android and Blackberry, and we can assume that it is just as powerful. Second, Apple’s update only guarantees that Pegasus can no longer be installed on iPhones. But the spyware will continue to exist on smartphones that have already been contaminated, without the owners even noticing.

We’ll have to find out if the Apple update is effective against cyber spies who want to gain access to iPhones remotely.

This story was translated from the French original by Avi Davis

Date created : 2016-08-27


    French delivery people mull class action lawsuit as foodtech firm goes bust

    Read more


    Twitter suspends thousands of accounts for promoting terrorism

    Read more


    Snowden designs ‘spy-proof’ smartphone case

    Read more