What is Pegasus spyware + how to remove it from your mobile device?
October 06, 2023 4 min
Pegasus is an advanced form of spyware designed to install itself on Android and iOS devices without any action from the targeted user. Although not a widespread cybersecurity threat, its use by governments around the world has caused concern. Learn more about Pegasus spyware and how to detect and remove it if your phone is infected. Then, help protect your phone from other, more common forms of spyware and malware with Norton 360 Deluxe.
Pegasus spyware was designed by Israeli cyber-intelligence company, NSO Group, to access sensitive information on the devices of terrorists, criminals, and other people identified as potential threats to the interests of the Israeli government. Pegasus spyware can infect an iPhone or Android device without any action from the victim, and it can track phone calls, location, text messages, and emails.
How does Pegasus spyware work?
Pegasus spyware infects the victim’s phone through zero-click exploits, meaning the victim doesn’t need to click a link or take any other action to trigger the spyware on their device. Once installed on an Android or iOS device, Pegasus can secretly monitor and collect sensitive data by:
Pegasus spyware monitors and collects a wide range of sensitive mobile data.
What is the NSO Group?
The NSO Group is an Israeli cyber-intelligence company specializing in advanced and highly targeted surveillance technology, like the Pegasus software that it licenses to various government security agencies worldwide.
The company came under intense scrutiny in 2021, when it was discovered that Pegasus spyware had been employed by dubious state actors to commit human rights violations by illegally surveilling politicians, dissidents, and journalists.
This alarming use of the Pegasus program by potentially adversarial foreign powers resulted in the Biden administration placing the NSO Group on the United States Entity List, marking it as a potential threat to US national security interests.
How to detect Pegasus spyware
Pegasus malware is an incredibly sophisticated spyware tool that makes it challenging to detect and invisible to most commercial anti-malware software. But a tool known as the Mobile Verification Toolkit (MVT) enables users to detect advanced Spyware like Pegasus on their devices.
Using MVT is a complex process that requires a Linux or macOS device, and it should be attempted only by a cyber-security expert. But thankfully, Pegasus’ stealth technology also makes it very expensive, so regular people are seldom targeted. Unless you’re an activist, politician, journalist, or other high-profile figure, it’s extremely unlikely that your device is infected or will be targeted.
It’s possible to scan for and remove Pegasus spyware by running MVT on a Linux or macOS device linked to an infected iPhone or iPad. But MVT is designed to be used by security professions with an understanding in digital forensic analysis — not everyday iPhone users. If you’re truly concerned that your iPhone might be infected with Pegasus spyware, it’s strongly recommended you consult an expert.
How to remove Pegasus spyware from an Android
The process for removing Pegasus from an Android device is similar to that for an iPhone — MVT can be downloaded to a paired Linux or macOS machine and used to scan for the malicious spyware.
MVT was designed for professional investigators, so it’s best to consult an expert if you suspect you are being tracked by Pegasus spyware via your Android device. Detecting and removing more commonplace malware from Android and other devices is usually more straightforward.
Help protect your phone from spyware
While Pegasus is rarely a threat to the average person, there is a lot of other dangerous malware out there, including new and emerging types of invasive spyware.
That’s why it’s important to use strong cybersecurity software to keep your device protected. Norton 360 Deluxe is a comprehensive security and anti-malware app that can help detect, block, and remove security threats. Plus, it features a built-in, bank-grade VPN to encrypt your connection and help keep your communications private.
Pegasus software was developed by NSO Group, an Israeli cyber-arms company that licenses its use to government agencies, law enforcement, and militaries around the world. Private individuals are extremely unlikely to get access to or use Pegasus spyware.
Does the U.S. government use Pegasus spyware?
Although a U.S. version of Pegasus exists, which has apparently been tested for use by the FBI, it is not authorized for use against Americans on U.S. soil and is not known to be in use by any U.S. agencies or law enforcement. Some American citizens — including State Department employees — were targeted by Pegasus spyware while abroad, causing the NSO Group to be blacklisted by the U.S. government.
Who uses Pegasus spyware?
Government agencies, law enforcement, and the military are the main users of Pegasus spyware. It was developed by the NSO Group to surveil criminals and terrorists — but in practice, it’s also been used to spy on government officials, journalists, political opponents, activists, and others.
Emily Nemchick is a cybersecurity writer whose work focuses on emerging cyber threats, like online scams. She also has a particular interest in the importance of online privacy in fraud prevention. In her spare time, she enjoys reading mystery books and riding her bike through the countryside.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.