Security News > 2021 > July > Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections

Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections
2021-07-19 15:56

Israeli-based NSO Group is being blasted in a groundbreaking report that alleges that the company's controversial Pegasus malware is being used to target activists, journalists, business executives and politicians on a widespread level, using a variety of exploits - including a zero-click zero-day in iOS. A consortium of journalists leveled the allegations in a report called Pegasus Project, which was published Sunday.

It examined leaked data from the NSO Group, which revealed a cache of more than 50,000 mobile phone numbers worldwide that the firm was storing, according to the report published by the Guardian newspaper.

The report accuses NSO Group of selling its spy tool, Pegasus, to unidentified third-parties, including governments, who then use it to infect the phones of dissidents and other people who may be critical of a given regime.

The Guardian, along with 16 additional media organizations, concluded that the NSO Group's Pegasus malware is in widespread use and used to target more than just criminals and terrorists, as the company insists are the primary and only targets of its spyware.

"The presence of a phone number in the data does not reveal whether a device was infected with Pegasus or subject to an attempted hack. However, the consortium believes the data is indicative of the potential targets [that] NSO's government clients identified in advance of possible surveillance attempts," according to the report.

Forensic analysis of leaked NSO Group data "Suggested" the Pegasus spyware was used by Saudi Arabia and UAE to target phones of people close to murdered Washington Post journalist Jamal Khashoggi in the months after his death.


News URL

https://threatpost.com/nso-group-data-pegasus/167897/