Here’s How You Can Tell If Your Phone Has Pegasus Israeli Spyware

WhatsApp might tout itself as a secure platform, but even that hasn’t helped its users from being attacked by the Pegasus spyware said to have been developed by an Israeli cyber technology firm.

A report in The Indian Express says the attack seems to have been targeted towards journalists, lawyers, Dalit activists, and at least two dozen academics. Chances are there could be more.

Pegasus is believed to allow anyone access to your phone’s files, messages, images. Basically, everything!

So, is there a way to know whether you have been affected by Pegasus? What happens if you have been compromised? We explain.

  1. What is Pegasus Spyware?
    Developed by NSO Group Technologies,
    an Israeli technology cybersecurity firm,
    Pegasus is a program that allows the
    controller (a person who has injected
    the spyware) access to the infected
    smartphone’s microphone, camera and
    one can even gain access to messages,
    emails, and collect location data too.

As per a Kaspersky report, Pegasus even
allows you to listen to encrypted audio
streams and read encrypted messages.
Basically, the hacker has access to the
entire phone.

As per the NSO Group, the program has
been sold only to vetted government
agencies and is intended to fight against
terrorism and crime.

The Kaspersky report also mentions that
Pegasus was discovered in 2017 thanks
to Ahmed Mansoor, a UAE human rights
activist, who happened to be one of its target.

He received several SMSs which he
believed to contain malicious links and
then took his phone to cybersecurity
experts from Citizen Lab who, with the
help of another cybersecurity firm
Lookout, found it to be spyware (later
dubbed Pegasus).

However, the origin of the spyware can
be traced back to 2016. It affects both
Android and iOS devices

2.How Do You Know If You Have
Been Affected?

Pegasus spyware is nearly impossible to
detect. As per a report in Financial
Times, a phone can be infected with
Pegasus just by calling it via WhatsApp.
The user doesn’t even have to pick up
the call and the phone will still get
infected. You can also send it via email
and SMS

Pegasus is a sophisticated spyware
which has some anti-forensic and self
destruct features. This makes it difficult
to detect. Even if it is uninstalled later,
it doesn’t leave any traces and there is
no way to tell whether the device was

Your phone does not show any lags or
visible signs when it has been infected
by Pegasus.
Since WhatsApp has filed a lawsuit
against NSO Group, it has also come to
light that the Facebook-owned
messaging platform has information
about the affected users although it

Also, WhatsApp has been sending alert
messages to the list of affected users
asking them to update to the latest
version of the app. Till now, the
message from WhatsApp is the only
visible indicator that tells you whether
your phone has been affected.

Citizen Lab is also sending alert
messages to affected users.

If you want to be absolutely sure
whether your phone has been
compromised or not, it’s best to consult
a cybersecurity expert

3.Does it Affect Other Apps?
Pegasus allows the controller to access
the phone’s mic and camera, but
nowhere does it mention that it can
affect other applications

Yes, the controller can have access to
files, images and even read encrypted
messages and emails, but there is
uncertainty to whether it allows them

4. What to Do If Your Phone Is
Affected by Pegasus?
Many security experts and analysts have
said that the only way to get completely
rid of Pegasus is to discard the phone
that has been affected.

Once you have replaced the device,
ensure that all the apps that you install
are up-to-date and have the latest
software version.

According to Citizen Lab, even a Factory
Data Reset of the phone doesn’t get rid
of the Pegasus spyware. It lets attackers
continue to access your online accounts
even after your device is no longer

In order to ensure your online accounts
are safe, you should also change the
passwords of all the cloud-based
applications and services that you were
using on the infected device.