The Pegasus spyware scandal has sparked serious privacy concerns and outcry around the world. But what lifted the veil on the global sensation was a fake image file mistakenly left on an activist’s iPhone.
The Pegasus spyware, developed by NSO Group, was used to hack into the smartphones of journalists, activists and government officials, including iPhones, multiple media outlets reported last July.
While dozens of smartphones were found to have been successfully compromised by the tool, investigations at the time determined that the tool was following more than 50,000 phone numbers.
The investigation has led to further scrutiny of Pegasus, NSO Group and governments that use the tool for surveillance. However, the entire scandal only became known due to a fake image file discovered earlier that year.
Pegasus can hide completely behind the scenes, steal user data and erase all traces. But a mistake resulted in a fake image file being left on the iPhone of Saudi Arabian activist Loujain al-Hathloul.
In February 2021, after she was released on suspicion of endangering national security, al-Hathloul received an email from Google warning that state-sponsored hackers were trying to attack her Gmail account. Fearing that her iPhone was also hacked, she asked Citizen Lab to inspect the smartphone for any potential evidence.
It was discovered six months later that a Pegasus glitch meant it had left a malicious file on the device. The file was later determined to be direct evidence that Pegasus was produced by the NSO Group. Citizen Lab researcher Bill Marczak said: “It’s a game-changer. We’re catching what the company didn’t think it could.”
Sources familiar with the incident said the file was used to identify a blueprint for a hacker using Pegasus, which allowed Apple to notify thousands of potential victims about the breach. It also helped Apple release an update to fix a vulnerability used by Pegasus, and Apple later launched a lawsuit against NSO itself.
While NSO Group has investigated the allegations and faces considerable pressure to quit, it appears that spyware-based surveillance could be around for quite some time. In January, it was revealed that Israeli police had used Pegasus for warrantless surveillance, and the FBI was said to have considered using the spyware at one point.