[1] While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists.
[7] Cyber watchdog Citizen Lab and Lookout Security published the first public technical analyses of Pegasus in August 2016 after they captured the spyware in a failed attempt to spy on the iPhone of a human rights activist.
"[12][13] NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.
Emirati human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link.
[28] In December 2020, an Al Jazeera investigative show The Hidden is More Immense covered Pegasus and its penetration into the phones of media professionals and activists; and its use by Israel to eavesdrop on both opponents and allies.
[36] In April 2017, after a Lookout report, Google researchers discovered Android malware "believed to be created by NSO Group Technologies" and named it Chrysaor (Pegasus' brother in Greek mythology).
[41][42] Apple Inc in a lawsuit against US-based cybersecurity startup, Corellium, alleged that it sold its virtualization technology to the NSO group and other such "bad actors" and actively encouraged them to find 0-day exploits.
On January 16, 2024, Kaspersky Labs announced in a press release a new method of detecting the spyware for iOS devices that involved inspecting the shutdown.log file, which logs reboot events, for indicators of compromise.
[50] A UN special rapporteur on freedom of opinion found that the use of the spyware by abusive governments could "facilitate extrajudicial, summary or arbitrary executions and killings, or enforced disappearance of persons.
[57] In February 2022, an investigation by Citizen Lab and Amnesty International revealed that the Pegasus spyware was used to infect the devices of a lawyer, an online journalist, and a mental health counsellor in Bahrain.
Experts claimed that he was hacked days after posting tweets about Moosa Mohammed, the Bahraini activist who protested the executions in Bahrain and climbed to the roof of the country's embassy in London.
[78] In November 2021, Lajos Kósa, head of a parliamentary defense and law enforcement committee, was the first Hungarian senior official who acknowledged that the country's Interior Ministry purchased and used Pegasus.
"[75] In late 2019, Facebook initiated a suit against NSO, claiming that Pegasus had been used to intercept the WhatsApp communications of a number of activists, journalists, and bureaucrats in India, leading to accusations that the Indian government was involved.
[83] Phone numbers of Indian ministers, opposition leaders, ex-election commissioners and journalists were allegedly found on a database of NSO hacking targets by Pegasus Project in 2021.
[118] The Mexican armed forces have taken on an ever more prominent role during Obrador's presidency, and may have grown into an independent power center capable of autonomously spying on civilian detractors and critics, with the government powerless to reign in its abuses.
[136] Citizen Lab revealed that several members of political opposition groups in Poland were hacked by Pegasus spyware, raising alarming questions about the Polish government's use of the software.
Citizen Lab's October report[156] stated with high confidence that NSO's Pegasus had been placed on the iPhone of Saudi dissident Omar Abdulaziz, one of Khashoggi's confidantes, months before.
[158] NSO CEO Shalev Hulio stated that the company had not been involved in the "terrible murder", but declined to comment on reports that he had personally traveled to the Saudi capital Riyadh for a $55 million Pegasus sale.
The presence of "New systems that allow to hack into phones" has also been confirmed by the opposition politician and former chairman of the National Assembly Committee for Defence and Security Juraj Krúpa (SaS party) who warned that SIS had its powers expanded and can now spy on citizens without the need for court approval.
[185] On 24 September 2021, The Guardian reported that the telephone of Alaa al-Siddiq, executive director of ALQST, who died in a car accident in London on 20 June 2021, was infected with the Pegasus spyware for 5 years until 2020.
[186] In October 2021, the British High Court ruled that agents of Mohammed bin Rashid Al Maktoum used Pegasus to hack the phones of his (ex)-wife, Princess Haya bint Hussein, her solicitors (including baroness Fiona Shackleton), a personal assistant and two members of her security team in the summer of 2020.
[40] In July 2021, it was revealed that the phone numbers of about a dozen U.S. citizens – including diplomats, journalists, aid workers, and dissident expatriates – were on a list of prospective targets for Pegasus infiltration, but it was not known whether an attack was ever attempted or completed against any of their devices.
Among the phone numbers discovered on the list were those of the Obama administration's chief negotiator of the Joint Comprehensive Plan of Action as well as those of several United Nations diplomats residing in the U.S. NSO Group has said that Pegasus is not deployed against any device located within the territory of the U.S., but it has been suggested that U.S. citizens can become targets when abroad.
[197] In January 2022, it was reported that the Federal Bureau of Investigation had secretly bought the Pegasus spyware in 2019 and had seen a demonstration of Phantom, a newer tool capable of targeting American phone numbers.
[61] In March 2023, President Joe Biden signed an executive order that prohibited "operational use by the United States Government of commercial spyware that poses risks to national security or has been misused by foreign actors to enable human rights abuses around the world.
[205] A leak of a list of more than 50,000 telephone numbers believed to have been identified as those of people of interest by clients of NSO since 2016 became available to Paris-based media nonprofit organisation Forbidden Stories and Amnesty International.
[211] On 26 January 2022, the reports revealed that mobile phones of Lama Fakih, a US-Lebanese citizen and director of crisis and conflict at Human Rights Watch, were repeatedly hacked by a client of NSO Group at a time when she was investigating the 2020 Beirut explosion that killed more than 200 people.
[212] In July 2021, a joint investigation conducted by seventeen media organisations, revealed that Pegasus spyware was used to target and spy on heads of state, activists, journalists, and dissidents, enabling "human rights violations around the world on a massive scale".
The investigation identified 11 countries as NSO clients: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates.
Russell Brandom of The Verge commented that the reward offered in Apple's bug-bounty program maxes out at $200,000, "just a fraction of the millions that are regularly spent for iOS exploits on the black market".