Pegasus screenshots show how it could be used to secretly activate mic and camera

Pegasus screenshots show how it could be used to secretly activate mic and camera

August 5, 2022 0 By Ben Lovejoy

Today

The phone’s microphone has been remotely activated to allow live eavesdropping of an in-person meeting

0

A scandal surrounding the use of NSO’s Pegasus spyware by Israel’s police has provided a rare look at early screenshots of the app in action when remotely accessing a compromised smartphone.

A series of screenshots show the spyware doing everything from displaying the contents of WhatsApp messages to activating the camera to spy on the owner’s surroundings …

Quick Pegasus primer

Here’s our quick Pegasus primer for anyone unfamiliar.

NSO Group makes spyware called Pegasus, which is sold to government and law enforcement agencies. The company purchases so-called zero-day vulnerabilities (ones that are unknown to Apple) from hackers, and its software is said to be capable of mounting zero-click exploits – where no user interaction is required by the target.

In particular, it’s reported that simply receiving a particular iMessage – without opening it or interacting with it in any way – can allow an iPhone to be compromised, with personal data exposed.

NSO sells Pegasus only to governments, but its customers include countries with extremely poor human rights records – with political opponents and others targeted. 

The US government banned the import and use of Pegasus, depriving the company of its most lucrative customer base: US law enforcement agencies. Apple added to the pressure, suing the company, and alerting owners of infected iPhones. That put the company under extreme financial pressure, which may see it disappear – or may just make things worse.

Pegasus screenshots

The screenshots (above and below) came to light as a result of investigative journalism by the financial publication Calcalist into potentially illegal use of Pegasus by police within Israel. They show:

Activating the phone’s microphone to listen in live to the owner and anyone with them
Activating the phone’s camera to take snapshots of the surroundings
Listening to captured recordings of incoming & outgoing phone calls
Reading text messages
Reading WhatsApp messages

This resulted in an official investigation led by deputy attorney General Amit Merari, with the report including a presentation prepared for the cabinet of the government at the time. The slide deck was designed to show how police were using the spyware, though it is not yet known whether it was ever actually presented to ministers.

Haaretz reports on the capabilities shown in the presentation.

The screenshots demonstrate the wide range of tools that the police intended to use as soon as a device was infected. One of the images depicts a WhatsApp correspondence of a certain “John Doe,” with a woman who is identifiable by her name.

The woman was a sales manager at NSO, thus in addition to showing system capability, also showed the connection to the company. This is not the only instance. There are also details of other talks between said John Doe and five additional NSO employees.

Another capability of Seifan mentioned in the presentation is the interception of incoming and outgoing phone calls. Besides this ability, which seems to be relatively routine in the world of intelligence surveillance, there is another one known in the professional parlance as “volume listening” and is considered much more intrusive.

In simple terms it means real time wiretapping to a device’s surrounding through the remote activation of the device’s microphone. This type of wiretapping requires an order from a district court president or their deputy.

The list of capabilities the police intended to outline goes beyond wiretapping and includes remote operation of the camera on the “infected” device, an action that is very likely illegal as the law does not explicitly permit the planting of concealed cameras, and certainly does not permit the remote control of a camera by hacking a suspect’s mobile device.

NSO has had many different versions of Pegasus, and it’s unclear whether this version was ever used outside Israel, but it does align with widely-reported capabilities of a version used within the US. It was knowledge of these kind of capabilities which led to whistleblower Edward Snowden insisting that anyone meeting with him had to place their phone inside a microwave oven to block radio transmissions.

You can see the other screenshots below. Right-click and Open Image in New Tab to see full-size.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author



Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy’s favorite gear

You can read the original article here —> [ Read More ]

New reasons to get excited everyday.

Get the latest tech news delivered right in your mailbox

5 Reasons Why You Should Try Online Horse Race Betting

In many places around the world, horse races are an attraction that a lot of people love to watch. With the fast-paced action and thrill that each game provides, it is no longer surprising to know that millions of fans have grown fond of it.

NordLayer — more than a business VPN

Cybersecurity threats have become vast and more sophisticated. The rate of malware attacks and malicious activity counts within seconds despite the size or sector the organization belongs to — no one is safe enough to expect that foe actors will bypass vital company resources.

close

Don't miss a beat!!

We’d love to keep you updated with the latest tech news from across the internet!

Don't worry, we don’t spam!