Pegasus exploits “zero-click” vulnerabilities, meaning that Apple users don’t even need to install software to prompt the attack. The malware can be delivered through images attached to PassKit, sent from a fake iMessage account, making it very hard for users to tell when they’re being surveilled.
“This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware.” – Citizen Lab
Citizen Lab first discovered the security gap when they were checking the device of a Washington DC-based civil society employee. After discovering Pegasus’ mercenary spyware on the device, they immediately disclosed their findings to Apple.
The NSO Group first developed Pegasus back in 2011, and the Israeli spyware has since claimed a number of high-profile victims including the president of France Emmanual Macron, and the president of the European Council Charles Michel.
Pegasus tends to be deployed against political opponents and dissidents, making it unlikely for regular users to be targeted. However, if you’re not keen on taking chances, here’s how to protect yourself from the spyware.
