In a new report, Citizen Lab researchers warned that sophisticated mobile spyware, dubbed Pegasus — made and sold by the Israeli company NSO Group — has been found not only on Androids and iPhones in countries with questionable human rights protections but also in the U.S. The researchers believe this cross-border surveillance likely breaks the law in the U.S. and other countries.
To become an NSO Pegasus infection victim, the operator has to trick a person into clicking a link that then delivers a chain of zero-day exploits and secretly installs Pegasus on the phone. After the malware installs on the target’s iPhone or Android phone without the user’s knowledge, it is then capable of spying via the phone’s camera and microphone. It can also steal text messages, passwords, photos, contact list, calendar events, and much more.