Pegasus malware has been on the minds of security researchers due to its rapid spread at an alarming rate worldwide. The malware has been active since at least 2016 when it was discovered to be infecting Android and iPhone devices. According to research done by Citizen Lab, the malware has now spread to at least 45 countries, namely the following:
Algeria, Bahrain, Bangladesh, Brazil, Canada, Cote d’Ivoire, Egypt, France, Greece, India, Iraq, Israel, Jordan, Kazakhstan, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, the Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, Singapore, South Africa, Switzerland, Tajikistan, Thailand, Togo, Tunisia, Turkey, the UAE, Uganda, the United Kingdom, the United States, Uzbekistan, Yemen, and Zambia.
The issue here is that Pegasus is not any sort of regular malware, as Citizen Lab researchers have tied it to potential human rights violations. According to Citizen Lab:
Our findings paint a bleak picture of the human rights risks... At least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society... Pegasus also appears to be in use by countries with dubious human rights records and histories of abusive behaviour by state security services. In addition, we have found indications of possible political themes within targeting materials in several countries, casting doubt on whether the technology is being used as part of “legitimate” criminal investigations.
All signs in the Pegasus malware point back to the Israel-based NSO group, which Citizen Lab discovered to be selling the malware to governments and other entities that wanted the invasive surveillance methods Pegasus allows. The NSO Group, according to Threatpost, denied all the accusations despite the damning evidence of Citizen Lab’s extensive scanning of NSO’s infrastructure. In their report, Citizen Lab asserts that they were able to find 1,091 IP addresses and 1,014 domain names over the course of two years that were associated with the NSO Group’s C&C servers. The NSO Group is known for selling software to nation-states for “counter-terrorism,” so this is not such a stretch to believe.
Any individual who is engaged in work deemed “subversive” to their government would do well to look out for Pegasus. The NSO Group’s technology is vicious and the motives behind those that use it are equally as vicious.
Featured image: Pixabay