In a recent development, researchers have made a concerning discovery of seven new Pegasus spyware infections that have targeted journalists, government officials, and corporate executives over the past few years. This revelation sheds light on the extent of the infamous spyware’s reach, which appears to be even more widespread than previously believed. The infections were found to affect both iPhone and Android devices, indicating a broad spectrum of targets and capabilities.
The research conducted by iVerify uncovered multiple instances of Israeli company NSO Group’s spyware infecting devices through attacks launched between 2021 and 2023. These attacks targeted Apple iPhone iOS versions 14, 15, and 16.6, as well as Android devices. The findings were detailed in a blog post published on Dec. 4, revealing the extent of the compromise. The infections were detected during a scan of 3,500 devices belonging to iVerify users who had opted in for security checks.
The investigation led to the identification of various Pegasus variants present in five distinct malware types across both iOS and Android platforms. Forensic artifacts were found in diagnostic data, shutdown logs, and crash logs on the compromised devices. Matthias Frielingsdorf, co-founder of iVerify and an iOS security researcher, highlighted the alarming rate of infected devices detected during the investigation, emphasizing the potential for silent monitoring and data compromise without the users’ awareness.
The discovery challenges the assumptions made by security researchers regarding the prevalence of mobile spyware, particularly Pegasus. According to Rocky Cole, co-founder and COO of iVerify, the reach of this spyware may have been underestimated, given its ability to exploit vulnerabilities and conduct zero-click attacks to extract sensitive information from target devices. The use of Pegasus by state-sponsored actors for illegal surveillance activities against journalists, politicians, and human rights advocates has been well-documented, raising concerns about privacy and security in the digital age.
The recent findings by iVerify suggest that the threat of mobile spyware extends beyond high-profile targets to include individuals who may not be considered traditional surveillance targets. This revelation underscores the need for enhanced security measures and proactive threat-hunting to detect and prevent spyware infections effectively. It also highlights the importance of user awareness and education on mobile security best practices to mitigate the risks posed by such malicious software.
To safeguard against spyware infections, experts recommend regularly updating devices to the latest operating systems to patch vulnerabilities that could be exploited by malware. Additionally, organizations should implement endpoint detection and response (EDR) tools alongside proactive threat-hunting strategies to detect and respond to threats in real-time. Employee education on mobile security risks and preventive measures is also crucial in maintaining a secure digital environment.
In conclusion, the discovery of these new Pegasus spyware infections serves as a wake-up call for individuals and organizations to prioritize mobile security and vigilance against sophisticated threats. By staying informed, implementing best practices, and adopting proactive security measures, users can better protect themselves against the growing menace of mobile spyware.