Explainer: How to find out if your phone was infected with the Pegasus spyware

Pegasus spyware can be covertly installed on your phone by exploiting vulnerabilities in apps and tools, thus using your own phone to spy on you.

Published: 22nd July 2021 08:09 AM  |   Last Updated: 22nd July 2021 09:28 AM   |  A+A-

Hacking, Cyber Crime, Spyware

Representational Image

By Express News Service

Pegasus spyware can be covertly installed on your phone by exploiting vulnerabilities in apps and tools, thus using your own phone to spy on you. It has turned into a global focal point as a tool that undermines democratic rights of individuals. Here is an explainer on what the spyware is all about.


  • Pegasus is a spyware that can be installed on mobile phones without the user even getting to know about it

  • It can target Apple iOS and Android devices, and is even able to infect the latest iOS versions, including the iOS 14.6

  • The spyware can use your phone camera, and even copy/send messages


  • It can monitor all communications from your phone, including emails, text messages, and even the web searches you have done

  • It can help track the user through location identification and can track your calls too

  • Your phone will be used to spy on you, because the phone’s camera and microphone are used for surveillance


  • It impersonates applications downloaded on an iPhone

  • Then it is transmitted through push notifications using the Apple servers

  • The spyware can infect your phone by exploiting the photo app, the Apple Music app, or a zero-click iMessage

  • iMessage is an Apple Inc-developed instant messaging service launched in 2011 to work on Apple platforms like iPadOS, macOS, iOS and watchOS


  • Israeli firm NSO group

  • The company is also known as Q Cyber Technologies. The use of Pegasus had been justified by the developers for targetting terrorist organisations and criminals, but it has also found favour among authoritarian leaders to spy on opponents as well as journalists

  • Human rights group Amnesty International helped reveal this month that the spyware was being exploited for misuse to target political opponents, critiques and journalists in violation of democratic principles


  • It runs slower than usual

  • Noticeable performance drop

  • You notice apps crashing while using them


  • A tool called Mobile Verification Toolkit (MVT) can detect Pegasus. It can help you know if Pegasus has installed itself on your phone

  • The advantage is that this tool can work on iOS and Android devices, but due to more pronounced forensic traces it is easier to do so on the former than the latter


  • Israel's NSO Group developed it in 2016. It first came out into the open in 2018 when a phone of a human rights activist in Israel was the target of an infection attempt

  • Its popularity grew due to data on its capabilities in maintaining surveillance in a cov- ert manner targeting individuals and organisations

  • In August 2020, NSO Group reportedly sold the spyware to United Arab Emirates to help it maintain surveillance on anti-regime elements and not-so-friendly nations

Pernicious Pegasus

The powerful spyware can sneak into your phone in at least two easy ways. Unlike in the past — when a non-techsavvy generation could be nudged to click on malicious links — Pegasus infections can now be achieved through “zeroclick” attacks, requiring no user interaction whatsoever.

These zero-click security breaches can occur via mail apps, p2p device protocols, WhatsApp, or even the graphics library — a simple unanswered WhatsApp call can place the Pegasus code on your device.

These attacks often rely on another deeper vulnerability known as “zeroday”, which are the loopholes in a mobile OS that a phone manufacturer doesn’t know about.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp