Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Pegasus spyware scandal uncovered by fake image file on an iPhone

The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.

In July, it was reported that spyware known as Pegasus was used to hack smartphones, including iPhones, owned by journalists, activists, and others of interest to some governments around the world. While dozens of smartphones were found to be successfully hacked by the tool, an investigation at the time determined that more than 50,000 phone numbers were of interest to users of the tool.

The investigation led to further scrutiny of Pegasus, NSO Group, and governments who use the tool for surveillance purposes. However, the entire scandal only became known about due to a fake image file discovered earlier that year.

While Pegasus can be made to hide all traces of its existence on a target's iPhone after offloading user data to its controller, a slip up resulted in a single fake image file being left on Saudi Arabia activist Loujain al-Hathloul's iPhone, reports Reuters.

After her release from jail in February 2021 on charges of allegedly harming national security, al-Hathloul received an email from Google warning that state-sponsored hackers had attempted to attack her Gmail account. After worrying her iPhone had been attacked as well, she asked Citizen Lab to check the smartphone for any potential evidence.

Six months later, it was discovered that a fault in Pegasus meant it left a single malicious file on the device. The file was later determined to be direct evidence that Pegasus was produced by NSO Group.

"It was a game-changer," said Citizen Lab researcher Bill Marczak. "We caught something that the company thought was uncatchable."

The file was used to determine a blueprint for hacks using Pegasus, which enabled Apple to notify thousands of potential victims about the intrusion, sources familiar with the incident advised. It also aided Apple in releasing an update to fix vulnerabilities Pegasus used, and later to launch a lawsuit against NSO itself.

While NSO Group has been investigated over the allegations and faces considerable pressure to quit, it seems that spyware-based surveillance could be around for quite a while. In January, it was revealed the Israeli police used Pegasus to perform warrant-less surveillance, and at one point, the FBI reportedly considered using the spyware.



5 Comments

lkrupp 19 Years · 10521 comments


While NSO Group has been investigated over the allegations and faces considerable pressure to quit, it seems that spyware-based surveillance could be around for quite a while. In January, it was revealed the Israeli police used Pegasus to perform warrant-less surveillance, and at one point, the FBI reportedly considered using the spyware.

Read on AppleInsider

Pegasus and its cousins will never be over. The genie is out of the bottle. 

Xed 4 Years · 2896 comments

I wonder how many other workarounds for iOS are out there in the wild that Apple doesn't know about.

lkrupp said:

While NSO Group has been investigated over the allegations and faces considerable pressure to quit, it seems that spyware-based surveillance could be around for quite a while. In January, it was revealed the Israeli police used Pegasus to perform warrant-less surveillance, and at one point, the FBI reportedly considered using the spyware.

Read on AppleInsider
Pegasus and its cousins will never be over. The genie is out of the bottle. 

I imagine these companies keep looking for new backdoors even after a great one is found so that they can have another solution in case one is discovered.

iqatedo 21 Years · 1812 comments

Xed said:
I wonder how many other workarounds for iOS are out there in the wild that Apple doesn't know about.

lkrupp said:

While NSO Group has been investigated over the allegations and faces considerable pressure to quit, it seems that spyware-based surveillance could be around for quite a while. In January, it was revealed the Israeli police used Pegasus to perform warrant-less surveillance, and at one point, the FBI reportedly considered using the spyware.

Read on AppleInsider
Pegasus and its cousins will never be over. The genie is out of the bottle. 
I imagine these companies keep looking for new backdoors even after a great one is found so that they can have another solution in case one is discovered.

One can gain insights by reading 'This Is How They Tell Me the World Ends' by Nicole Perlroth. 

9secondkox2 8 Years · 3148 comments

If Apple would stop building back doors, there would be nothing for these hacking companies to exploit 

alexjenn 3 Years · 17 comments

Xed said:
I wonder how many other workarounds for iOS are out there in the wild that Apple doesn't know about.

lkrupp said:

While NSO Group has been investigated over the allegations and faces considerable pressure to quit, it seems that spyware-based surveillance could be around for quite a while. In January, it was revealed the Israeli police used Pegasus to perform warrant-less surveillance, and at one point, the FBI reportedly considered using the spyware.

Read on AppleInsider
Pegasus and its cousins will never be over. The genie is out of the bottle. 
I imagine these companies keep looking for new backdoors even after a great one is found so that they can have another solution in case one is discovered.

This is why Apple should worry more about fixing and empowering security on its OS and less of rolling out a new release every single year, IMHO.

I recall something about Jobs sayng that the optimal gap between two new releases should be of 18 months.