Pegasus App Possibly Being Used to Spy on Journalists, Activists
On Sunday, July 18, an alliance of 16 media outlets reported that the Pegasus spyware app, produced by the Israeli security firm nso, is being used to spy on journalists and human rights activists.
The Guardian, Washington Post and other news outlets worked with Amnesty International and the Paris nonprofit Forbidden Stories to analyze a list of 50,000 phone numbers allegedly obtained from nso that are possible targets of the Pegasus app. The analysis identified more than 1,000 phone numbers, which according to Chron, includes “several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists and more than 600 politicians and government officials—including cabinet ministers, diplomats and military and security officers, as well as several heads of state and prime ministers.”
Among the numbers identified were journalists critical of Hungarian President Viktor Orbán; journalists and civil rights activists from Azerbaijan, where dictator Ilham Aliyev has a long history of invasive surveillance; and others from Mexico, Saudi Arabia, India, Morocco, the United Arab Emirates, Bahrain, Kazakhstan and Rwanda. Numbers included “reporters, editors and executives at the Financial Times, cnn, the New York Times, France 24, the Economist, Associated Press and Reuters,” reported the Guardian.
One of the individuals identified on the list is Financial Times editor Roula Khalaf, whom the Guardian reports as being the potential target of a Pegasus hack in 2018. Some of the targets on the list have been imprisoned, died in prison, or subjected to torture by the regime. The Pegasus app may have provided the “proof” used against these individuals from information taken directly from their personal mobile device.
Amnesty International’s Security Lab did a forensic analysis on 67 smartphones and found evidence of the Pegasus app on 37 of them.
It is still unclear what the purpose of the list was, but it is not a coincidence that it had phone numbers of journalists and activists who report abuses and corruption in some of the most authoritarian regimes in the world.
Although denying the reports, nso’s chief executive, Shalev Hulio, said: “We are checking every allegation, and if some of the allegations are true, we will take stern action, and we will terminate contracts like we did in the past.” However, it is a matter of record that nso has previously sold the technology to regimes to spy on dissidents.
nso originally created the Pegasus app to help track criminals and terrorists. If these latest reports are true, the company is working with authoritarian regimes against people who are exposing the truth.
This exposes the dangerously effective technology available to spy on anyone with a smartphone.
What Is Pegasus?
Pegasus is probably the most powerful spyware ever created. The first version, discovered in 2016 “infected phones through what is called spear-phishing—text messages or e-mails that trick a target into clicking on a malicious link,” according to the Guardian. By clicking on the link, the target would download the app onto their device.
Researchers have discovered the app now boasts far more powerful capabilities. It now uses “zero-click” attacks and “zero-day” capabilities. David Pegg and Sam Cutler at the Guardian explain:
Pegasus infections can be achieved through so-called “zero-click” attacks, which do not require any interaction from the phone’s owner in order to succeed. These will often exploit “zero-day” vulnerabilities, which are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.
To explain this, the authors used an example of how Pegasus infiltrated phones through a popular third-party messaging app, WhatsApp:
In 2019, WhatsApp revealed that nso’s software had been used to send malware to more than 1,400 phones by exploiting a zero-day vulnerability. Simply by placing a WhatsApp call to a target device, malicious Pegasus code could be installed on the phone, even if the target never answered the call.
The Pegasus software has exposed massive zero-click and zero-day vulnerabilities in Apple’s iMessage, even on iPhone 12s running the newest security update. Forbes reports: “Bill Marczak, researcher at Citizen Lab, told Forbes that in some cases Apple’s iOS will automatically run data within iMessages and attachments, even when they’re from strangers, which could put users at risk.” In other words, iMessage may automatically download data and attachments, even from an untrusted source. One unsolicited iMessage to your iPhone, and the Pegasus app will be on your device. Once an iPhone is compromised, the attacker has administrative privileges on the device.
Researchers at Amnesty’s Security Lab also discovered that the app can be installed on the device via a wireless transceiver located near the target, and that nso might have started using Apple’s Music and Photo apps to gain access.
Once installed on the phone, it is difficult to detect. And there is nothing you can do to prevent it. Claudio Guarnieri, who works at the Security Lab, told the Guardian: “This is a question that gets asked to me pretty much every time we do forensics with somebody: ‘What can I do to stop this happening again?’ … The real honest answer is, nothing.”
What can Pegasus do once it is on your smartphone?
It turns your smartphone into a surveillance device by virtually accessing any data from your phone and utilizing any function on your phone to spy on you.
Here is a list of what the app can access and send back to the attacker:
- sms
- E-mails
- WhatsApp chats
- Photos and Video
- Activate microphone
- Activate camera
- Record calls
- gps data
- Calendar
- Contact book
What a terrifying piece of technology.
Although these capabilities do help militaries track terrorists and criminals, they are also incredibly dangerous when used by authoritarians against their own people. All technology, no matter the good intention behind its creation, is eventually used for evil purposes.
A Pew Research Center report found that 85 percent of Americans own a smartphone, with 11 percent owning a cell phone that is not a smartphone. According to Statisa, there are over 6 billion smartphone subscriptions worldwide. That is a lot of vulnerable targets for spyware that is one step ahead of known defenses.
Could your phone be the target of a Pegasus attack?
Preview of Your Future
In the April 2018 Trumpet magazine, Richard Palmer wrote an article titled “Surveillance State: A Preview of Your Future?” The world increasingly resembles George Orwell’s dystopian world from the book 1984. The Pegasus app is technology straight from the pages of Orwell’s book; it is the tool of dictatorships like China. But the West is far ahead of dictatorships in surveillance, as Mr. Palmer wrote:
But in terms of surveillance hardware, the West is ahead of China. America has more cctv cameras per head than China does. The United Kingdom stores 30 million to 40 million images of vehicle license plates every day, tracking the movements of most of the country’s population.
The biggest difference in the U.S. and UK is that surveillance is not used in the same heavy-handed way China does, even though your government may already be spying on you through your webcam, running facial recognition, and tracking your car far more than you realize (see Robert Morley’s article “Is the Government Reading Your E-mail?”).
Throughout history, governments have wanted to control their citizens—and have used every possible tool to do so.
The government is already leveraging technology for massive surveillance of law-abiding citizens. Trumpet editor in chief Gerald Flurry has been warning for years that America is quickly becoming a dictatorship, and that it has been prophesied in the Bible. Government surveillance has always gone hand in glove with government dictatorship. Mr. Flurry writes in his booklet America Under Attack:
Let’s not be naive and think something like that could never happen here. Our forefathers weren’t stupid. They wanted to guarantee Americans’ freedom. They really knew that God is a God of freedom; He wants us to be free. That’s a gift from God, and they understood that!
The technology for 1984 to become reality is already here, and spyware like Pegasus is only one of many ways our freedoms are being eroded away. It does not take much imagination to see how such technology in the hands of the wrong leaders could quickly turn America into a dystopian dictatorship.
Please read Mr. Flurry’s free booklets America Under Attack and Great Again to prove for yourself what the Bible prophesies to come to pass right now and what the Bible teaches on how to have real freedom.