What is Pegasus spyware + how to remove it from your mobile device?

Pegasus is an advanced form of spyware designed to install itself on Android and iOS devices without any action from the targeted user. Although not a widespread cybersecurity threat, its use by governments around the world has caused concern. Learn more about Pegasus spyware and how to detect and remove it if your phone is infected. Then, help protect your phone from other, more common forms of spyware and malware with Norton 360 Deluxe.

Pegasus spyware explained

Pegasus spyware was designed by Israeli cyber-intelligence company, NSO Group, to access sensitive information on the devices of terrorists, criminals, and other people identified as potential threats to the interests of the Israeli government. Pegasus spyware can infect an iPhone or Android device without any action from the victim, and it can track phone calls, location, text messages, and emails.

How does Pegasus spyware work?

Pegasus spyware infects the victim’s phone through zero-click exploits, meaning the victim doesn’t need to click a link or take any other action to trigger the spyware on their device. Once installed on an Android or iOS device, Pegasus can secretly monitor and collect sensitive data by:

• Reading text messages and emails
• Accessing the microphone and camera
• Listening in on phone calls
• Recording passwords using a keylogger
• Tracking the phone’s location
• Surveilling app usage

The information Pegasus collects is then secretly uploaded to NSO Group’s cloud servers for storage and analysis. Originally developed as an intelligence-gathering tool with the aim of preventing terrorist attacks, Pegasus spyware has controversially been used to hack the phones of activists, journalists, and even heads of state.

What is the NSO Group? 

The NSO Group is an Israeli cyber-intelligence company specializing in advanced and highly targeted surveillance technology, like the Pegasus software that it licenses to various government security agencies worldwide.

The company came under intense scrutiny in 2021, when it was discovered that Pegasus spyware had been employed by dubious state actors to commit human rights violations by illegally surveilling politicians, dissidents, and journalists.

This alarming use of the Pegasus program by potentially adversarial foreign powers resulted in the Biden administration placing the NSO Group on the United States Entity List, marking it as a potential threat to US national security interests.

How to detect Pegasus spyware 

Pegasus malware is an incredibly sophisticated spyware tool that makes it challenging to detect and invisible to most commercial anti-malware software. But a tool known as the Mobile Verification Toolkit (MVT) enables users to detect advanced Spyware like Pegasus on their devices.

Using MVT is a complex process that requires a Linux or macOS device, and it should be attempted only by a cyber-security expert. But thankfully, Pegasus’ stealth technology also makes it very expensive, so regular people are seldom targeted. Unless you’re an activist, politician, journalist, or other high-profile figure, it’s extremely unlikely that your device is infected or will be targeted.

But, if you think your device may have another form of malware, check out our detailed guide to learn how to tell if your phone is being tracked with spyware.

How to remove Pegasus spyware from an iPhone 

It’s possible to scan for and remove Pegasus spyware by running MVT on a Linux or macOS device linked to an infected iPhone or iPad. But MVT is designed to be used by security professions with an understanding in digital forensic analysis — not everyday iPhone users. If you’re truly concerned that your iPhone might be infected with Pegasus spyware, it’s strongly recommended you consult an expert.

How to remove Pegasus spyware from an Android

The process for removing Pegasus from an Android device is similar to that for an iPhone — MVT can be downloaded to a paired Linux or macOS machine and used to scan for the malicious spyware.

MVT was designed for professional investigators, so it’s best to consult an expert if you suspect you are being tracked by Pegasus spyware via your Android device. Detecting and removing more commonplace malware from Android and other devices is usually more straightforward.

Help protect your phone from spyware

While Pegasus is rarely a threat to the average person, there is a lot of other dangerous malware out there, including new and emerging types of invasive spyware.

That’s why it’s important to use strong cybersecurity software to keep your device protected. Norton 360 Deluxe is a comprehensive security and anti-malware app that can help detect, block, and remove security threats. Plus, it features a built-in, bank-grade VPN to encrypt your connection and help keep your communications private.

FAQs about Pegasus spyware

Can anyone get access to Pegasus spyware?

Pegasus software was developed by NSO Group, an Israeli cyber-arms company that licenses its use to government agencies, law enforcement, and militaries around the world. Private individuals are extremely unlikely to get access to or use Pegasus spyware.

Does the U.S. government use Pegasus spyware?

Although a U.S. version of Pegasus exists, which has apparently been tested for use by the FBI, it is not authorized for use against Americans on U.S. soil and is not known to be in use by any U.S. agencies or law enforcement. Some American citizens — including State Department employees — were targeted by Pegasus spyware while abroad, causing the NSO Group to be blacklisted by the U.S. government.

Who uses Pegasus spyware?

Government agencies, law enforcement, and the military are the main users of Pegasus spyware. It was developed by the NSO Group to surveil criminals and terrorists — but in practice, it’s also been used to spy on government officials, journalists, political opponents, activists, and others.