Spyware Pegasus under investigation

On the last 18th July, a variety of journals - like The Guardian, Le Monde, The Washington Post, Süddeutsche Zeitung and many others from all over the world - primarily published the first results of a journalist investigation on the Israel company NSO Group and on the illegal usages of its spyware Pegasus, which have been collaborating in the so-called “Pegasus Project” for months. The scoop - this is all about, in this case - created a great surprise among the media and strong fears raised in the public opinion, with respect to the risks that the spyware’s development and selling, (hardly ruled) more and more put forward, bring to the health system of our democracies and to the protection of human rights.

16 warheads, coordinated by the French ONG Forbidden Stories (whose aim is “to protect, continue or publish other journalists’ work that are threatened, jailed or that have been murdered) and helped by the Security Lab of Amnesty International are currently collaborating to the investigation. Forbidden Stories and Amnesty International started the project: they gathered a list of 50.000 telephone contacts of those that are said to have been selected, since 2016, as objectives to be monitored through the usage of Pegasus; these two no-profit organizations chose to share data with a network of media organizations by 10 countries and to start an investigation on an international scale.

Pegasus is a spyware - defined by The Guardian as “maybe the most powerful ever created, at least by a private society” - that, “once it enters a phone, it can make it a monitoring device 24h/24, and you don’t even notice that”.

This software, indeed, is able to copy messages (even if they are exchanged through Whatsapp or iMessage), emails, to register calls, to collect photos and videos, to activate the camera or the mic, and the GPS of the device - and therefore able to track the owner. On one hand, in its first version, Pegasus entered into the devices through spear-phishing (the user receives a tricky message or email that contains a link that, once clicked, it installs the spyware on the device); on the other, today, the software can enter mobile phones even through the so-called attacks “zero-click”, which do not require that the user do whatever so that the infection is successful. In 2019, for instance, WhatsApp declared to have checked, through internal investigations, the infection by Pegasus of 1400 devices through a WhatsApp call: using a “zero-day” vulnerability of the app (a vulnerability of IT safety unknown to the developer), only a WhatsApp call was sufficient for Pegasus to be installed on the contacted device, without the need for an answer by the owner. It is understandable, therefore, the reason why it can be considered so dangerous.

Pegasus was born in 2011 and its creator, the NSO Group society, that talks about itself stating that “it creates tech that help agencies to prevent and to look into terrorism and crime, and to save billions of lives all over the world”, claims that it sells its products (Pegasus too) only to law enforcement and intelligence agencies that overcome accurate and detailed evaluations and that are used only to go against criminality and terrorism. This is what the society claimed in a declaration, published on the same 18th July, replying to the prosecutions by the journals involved in the “Pegasus Project”, in addition to the same Amnesty International. Agnés Callamar, the General Secretary of Amnesty International, indeed, declared that “Pegasus Project shows how the spyware of NSO has become the preferred weapon of those repressing governments that want to make journalists shut up, to attack activist people and to hit disagreement, putting a lot of lives at risk”.

As far as the core of the revelations resulted from the investigation process is concerned, within the Pegasus Project, what is challenged to the Israel society is that it sold spyware to poorly reliable governments, under the profile of respecting human rights, which have used it to overlook - clearly illegally - billions of journalists, activists, political dissidents, academies, lawyers, but also ministers, diplomats, first ministers, and so on. The warheads involved in the investigation, indeed, verified the owners’ identity of the 50.000 telephone numbers, cited on the list that Forbidden Stories and Amnesty got hold (through unknown ways), which are believed to have been selected over the years from the NSO’s clients - Pegasus’ buyers - such as targets that have to be controlled trough the spyware of Israel’s origins. The majority of numbers does not belong to murderers or terrorists, but to activists, journalists, politicians etc (some of which well known). Given that, however, the inclusion in the list does not ensure that the given contact is effectively targeted and infected, the Security Lab of Amnesty International carried out digital forensics analysis on (by now) 67 devices, whose number is on the significant list: 23 are infected and signs of an attempted infection are found on 14 of them.

It’s not possible to find, with certainty, the responsible ones (NSO does not make its clients public), but by organizing contacts into clusters - according to the origins or the activity area of the selected people - the Pegasus Project’s members managed to believe that some governments of 10 counties have organized the attacks: Azerbaijan, Bahrein, Kazakistan, Mexico, Morocco, Rwanda, Saudi Arabian, Hungary, India and United Arab Emirates.

With reference to Hungary, 10 lawyers’ contacts, an opposition political and 5 journalists appear on the list. Among them also two journalists of the Direkt36’s editorial staff, among the 16 warheads that collaborate to the Pegasus Project, whose phones have been subjected to analysis, resulting infected.

Share the post

  • L'Autore

    Irene Boggio

    IT_ Irene Boggio si è laureata in Scienze Politiche e Sociali presso l'Università degli Studi di Torino con una tesi in Analisi delle Politiche Pubbliche sul ruolo dell'expertise nel policy-making ed è prossima a conseguire la laurea magistrale in Scienze Internazionali presso la medesima università, con specializzazione in Studi Europei. E' inoltre studentessa della Scuola di Studi Superiori "Ferdinando Rossi" di Torino, sin dall'inizio del suo percorso universitario.

    EN_ Irene Boggio graduated in Political and Social Sciences at the University of Turin, with a dissertation in Public Policy Analysis on the role of expertise in policy-making. She is about to earn a masters' degree in International Studies at the same university, specializing in European Studies. She's also been a student at the "Scuola di Studi Superiori Ferdinando Rossi" of Turin right from the beginning of her academic journey.


Sections Human Rights International Security Technology and Innovation


CyberSecurity cyberintelligence cyberspionaggio Pegasus Pegasus Project Spyware Pegasus Nso Group Amnesty International sorveglianza

You might be interested in


Spyware Pegasus under investigation

Irene Boggio

What are VPNs and why we should all use them

Stefano Cavallari

The People vs. Belarus - Part III

Log in to your Mondo Internazionale account
Forgot Password? Get it back here