What is the “Pegasus” Project?
“Pegasus is a spyware suite that was developed and sold by Israeli company NSO Group to “vetted government clients”. It is used to compromise and conduct surveillance on Windows, Mac computers, and also Android and iOS smartphones.”
How it came into light
A Parisian non-profit called Forbidden Stories and Amnesty International accessed the data and shared it with 17 international media companies (The Guardian, The Washington Post, In India). On July 19th the media organizations published the investigation around a leaked list of phone numbers, nicknamed “The Pegasus Project”. The numbers are supposed to be the “target list” of phones that either have been successfully hacked or to be hacked.
Who is targeted?
The majority of numbers on the list, 15.000, are Mexico-based phones, with a large share in the Middle East. Saudi Arabia is also reported to be among NSO clients. In addition, on the lists were phones in countries including France, Hungary, India, Azerbaijan, Kazakhstan, and Pakistan.
The list contains of Arab royal family members, 64 business executives, 85 human rights activists, 600+ politicians/ government officials, 189 journalists and 50,000 extra phone numbers leaked. Some of them have cooperated with the media for forensic examination of their devices.
The NSO Group’s response
The Israeli firm NSO Group has said that the spyware is a “law enforcement tool” created to fight terrorism, gun violence etc. However, the investigation revealed the extent of the spyware usage. When speaking to the Wire through their lawyers the NSO Group claimed that the leaked list “may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes” and not a “target list” Here, “NSO Group customers” refers to their “vetted governments''. Forensic analysis by Amnesty International shows that a sample set of these listed devices were indeed targeted by Pegasus. A spokesperson for the NSO Group told The Guardian “it will continue to investigate all credible claims of misuse and take the appropriate action based on the results of these investigations”.
India’s Government response
In its official statement the Central Government has called the story “bereft of facts but also founded in preconceived conclusions,” adding that “It seems you are trying to play the role of an investigator, prosecutor as well as jury.”
The government categorically stated that: “The allegations regarding government surveillance on specific people has no concrete basis or truth associated with it whatsoever.”
How does a device get infected?
The spyware can be delivered through links sent via email, common apps or SMS. All kinds of devices are vulnerable to the virus regardless of the software (ios, android, windows).
How it works
The spyware can
· Access every photo, video, email.
· Turn on your microphone even when the phone is not being used.
· Record calls and messages
· Access contact list
· Turn on your camera and record the screen.
· Access GPS and monitor the location
All of the above while remaining completely untraceable.
Why is it so important?
The software not only effectively violates the privacy of the target but functions like a dictatorial regime, since it monitors people in order to control them. It poses a great threat to democracy and is unfortunately very hard to suppress as in the 21st century technology odors.