Pegasus: The phantom threat lurking in your phone | The Business Standard
Skip to main content
  • Latest
  • Economy
    • Banking
    • Stocks
    • Industry
    • Analysis
    • Bazaar
    • RMG
    • Corporates
    • Aviation
  • Videos
    • TBS Today
    • TBS Stories
    • TBS World
    • News of the day
    • TBS Programs
    • Podcast
    • Editor's Pick
  • World+Biz
  • Features
    • Panorama
    • The Big Picture
    • Pursuit
    • Habitat
    • Thoughts
    • Splash
    • Mode
    • Tech
    • Explorer
    • Brands
    • In Focus
    • Book Review
    • Earth
    • Food
    • Luxury
    • Wheels
  • More
    • Sports
    • TBS Graduates
    • Bangladesh
    • Supplement
    • Infograph
    • Archive
    • Gallery
    • Long Read
    • Interviews
    • Offbeat
    • Magazine
    • Climate Change
    • Health
    • Cartoons
  • বাংলা
The Business Standard

Saturday
June 14, 2025

Sign In
Subscribe
  • Latest
  • Economy
    • Banking
    • Stocks
    • Industry
    • Analysis
    • Bazaar
    • RMG
    • Corporates
    • Aviation
  • Videos
    • TBS Today
    • TBS Stories
    • TBS World
    • News of the day
    • TBS Programs
    • Podcast
    • Editor's Pick
  • World+Biz
  • Features
    • Panorama
    • The Big Picture
    • Pursuit
    • Habitat
    • Thoughts
    • Splash
    • Mode
    • Tech
    • Explorer
    • Brands
    • In Focus
    • Book Review
    • Earth
    • Food
    • Luxury
    • Wheels
  • More
    • Sports
    • TBS Graduates
    • Bangladesh
    • Supplement
    • Infograph
    • Archive
    • Gallery
    • Long Read
    • Interviews
    • Offbeat
    • Magazine
    • Climate Change
    • Health
    • Cartoons
  • বাংলা
SATURDAY, JUNE 14, 2025
Pegasus: The phantom threat lurking in your phone

Tech

Nasif Tanjim
17 August, 2024, 02:20 pm
Last modified: 17 August, 2024, 02:27 pm

Related News

  • Cybersecurity: Making it a boardroom priority
  • Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries
  • Why are Bangladeshi banks so susceptible to cybersecurity breaches?
  • As China hacking threat builds, Biden to order tougher cybersecurity standards
  • US official fighting Chinese telecom intrusions urges more encryption

Pegasus: The phantom threat lurking in your phone

The invasive spyware exploits undiscovered vulnerabilities, or bugs, in Android and iOS. This means a phone could be infected even if it has the latest security patch installed

Nasif Tanjim
17 August, 2024, 02:20 pm
Last modified: 17 August, 2024, 02:27 pm
Illustration: TBS
Illustration: TBS

Today, our smartphones have become extensions of our personal and professional lives.

Since our digital footprints are as ubiquitous as real ones, the idea of an invisible observer lurking within these devices is both chilling and unsettling, as well as a massive invasion of our privacy.

That is why Pegasus, an insidious spyware, can be considered the single biggest threat to privacy ever.

A spyware is any malicious software designed to enter your computer device, gather your data, and forward it to a third-party without your consent.

The Business Standard Google News Keep updated, follow The Business Standard's Google news channel

Pegasus today has become a byword for invasive surveillance. Its origins can be traced back to 2010, when the Israeli firm NSO Group was founded by Niv Carmi, Omri Lavie, and Shalev Hulio.

The company marketed Pegasus as a tool for governments to combat terrorism and crime, offering them unprecedented access to the devices of suspects. Unlike other spyware, Pegasus is not an off-the-shelf product but a bespoke tool tailored for specific targets, making it particularly attractive to state actors.

However, the true scale of Pegasus's deployment came to light in July 2021, with the publication of the Pegasus Project by a consortium of 17 media organisations, including The Guardian, Le Monde, and The Washington Post, in collaboration with Amnesty International and Forbidden Stories.

This investigation revealed that Pegasus had been used to target over 50,000 phone numbers worldwide, belonging to journalists, activists, business executives, and politicians.

How Pegasus works

Many experts believe Pegasus is the most powerful spyware created till date. It is designed to infiltrate smartphones — both Android and iOS — and turn them into surveillance devices.

Pegasus exploits undiscovered vulnerabilities, or bugs, in Android and iOS. This means a phone could be infected even if it has the latest security patch installed.

A previous version of the spyware from 2016 infected smartphones using a technique called "spear-fishing": text messages or emails containing a malicious link were sent to the target. It depended on the target clicking the link — a requirement that was done away with in subsequent versions.

By 2019, Pegasus could infiltrate a device with a missed call on WhatsApp and could even delete the record of this missed call, making it impossible for the user to know they had been targeted.

Once inside a device, Pegasus can access messages, emails, photos, and even control the camera and microphone, turning the smartphone into a real-time surveillance tool.

Pegasus attacks across the world

The Jamal Khashoggi case: One of the most high-profile cases linked to Pegasus is the murder of Saudi journalist Jamal Khashoggi. According to reports, Pegasus was used to target Khashoggi's inner circle, including his fiancée Hatice Cengiz and close associates, before and after his assassination in the Saudi consulate in Istanbul in 2018.

Mexican journalists and activists: In Mexico, Pegasus was used extensively to target journalists and activists, particularly those investigating corruption and organised crime. One of the most notable cases involved the surveillance of journalist Carmen Aristegui, who was known for her work exposing corruption at the highest levels of the Mexican government.

Bangladesh and Pegasus

In 2018, Canada-based cybersecurity organisation Citizen Lab documented suspected Pegasus infections in 45 locations. Bangladesh was named among the locations mentioned in their list.

Between August 2016 and August 2018, Citizen Lab scanned the internet for servers associated with NSO Group's Pegasus spyware. They found 1,091 IP addresses that matched its fingerprint and 1,014 domain names that pointed to the addresses.

Citizen Lab identified five operators that they believed were focusing on Asia. One operator, GANGES, used a politically themed domain signpetition[.]co, to infect devices in Bangladesh, India, Pakistan, Brazil and Hong Kong.

After analysing the DNS cache hits, they suspected Bangladesh Telecommunications Company Limited (BTCL) of being infected by the spyware for political targeting. Bangladesh's then Posts and Telecommunications Minister Mustafa Jabbar, denied such allegations.

Article 43(B) of the Bangladesh Constitution safeguards citizens' privacy of correspondence and communication. Section 63 of the ICT Act, 2006 provides penalty for disclosure of confidential and private electronic record, book, register, correspondence, information, document, or other material without consent of the person concerned.

The ethical dilemma

The NSO Group insists that Pegasus is a legitimate tool for law enforcement and intelligence agencies, emphasising that it is only sold to vetted government clients.

However, the cases outlined above, along with numerous others, suggest that Pegasus has been misused on a global scale, targeting individuals far removed from the realms of terrorism or crime.

On the other hand, the potential for abuse is immense, with little transparency or oversight governing how these tools are used.

Legal and regulatory responses

The revelations about Pegasus have prompted legal and regulatory actions around the world.

In the US, the Biden administration blacklisted the NSO Group in November 2021, citing concerns that Pegasus had been used to "conduct transnational repression." This move severely restricted the company's ability to do business with American firms and marked a significant shift in the global stance on spyware.

In Europe, the European Parliament launched an inquiry into the use of Pegasus and similar spyware within the EU, particularly in Poland and Hungary, where the software was allegedly used against political opponents and independent journalists.

The inquiry has led to calls for stricter regulations and greater accountability for companies that develop and sell spyware.

Detecting Pegasus

Because of its discreet installation, Pegasus could only be identified through digital forensics in the past. Kaspersky Labs has developed a tool that extracts, analyses, and parses the shutdown.log file, making it easier to locate any malicious signatures. For optimal results, it is crucial to reboot the device on the same day it gets infected with Pegasus.

Amnesty International has recently launched the Mobile Verification Toolkit, a powerful open-source utility that aims to identify any signs of Pegasus.

The software operates on a personal computer and examines data, including backup files exported from an iPhone or Android phone.

Pegasus / Cybersecurity / Spyware

Comments

While most comments will be posted if they are on-topic and not abusive, moderation decisions are subjective. Published comments are readers’ own views and The Business Standard does not endorse any of the readers’ comments.

Top Stories

  • Logo of National Citizen Party (NCP)
    People won't accept election date before July Charter is implemented: NCP on Yunus-Tarique meeting
  • Yunus-Tarique meeting: Jamaat says outcome positive for democracy, IAB says dispelled uncertainty from politics
    Yunus-Tarique meeting: Jamaat says outcome positive for democracy, IAB says dispelled uncertainty from politics
  • Taskeen Ahmed, DCCI president. Illustration: TBS
    'Will boost business confidence': DCCI welcomes agreement between Yunus-Tarique on election

MOST VIEWED

  • Wreckage of a Boeing 787 Dreamliner showing part of its registration "VT-ANB" in Ahmedabad, India, June 12, 2025. REUTERS/Amit Dave
    Air India Dreamliner crashes into Ahmedabad college hostel, kills over 290
  • File Photo of Chief Adviser Muhammad Yunus: UNB
    Prof Yunus to receive Harmony Award from King Charles today
  • Energy adviser Fouzul Kabir Khan with other government officials during a visit to Sylhet gas field on 13 June 2025. Photo: TBS
    I would disconnect gas supply to every home in Dhaka if I could: Energy adviser
  • Bangladesh Bank Governor Ahsan H Mansur. TBS Sketch
    Bangladesh mulls settlements with tycoons over offshore wealth: BB governor tells FT
  • UCB declares no dividend for 2024 to comply with regulatory requirement
    UCB declares no dividend for 2024 to comply with regulatory requirement
  • UK Prime Minister Keir Starmer, Chief Adviser Muhammad Yunus
    Disclosure of unconfirmed Yunus-Starmer meeting shows ‘diplomatic imprudence’: Analysts

Related News

  • Cybersecurity: Making it a boardroom priority
  • Meta's WhatsApp says spyware company Paragon targeted users in two dozen countries
  • Why are Bangladeshi banks so susceptible to cybersecurity breaches?
  • As China hacking threat builds, Biden to order tougher cybersecurity standards
  • US official fighting Chinese telecom intrusions urges more encryption

Features

Photos: Collected

Kurtis that make a great office wear

7h | Mode
Among pet birds in the country, lovebirds are the most common, and they are also the most numerous in the haat. Photo: Junayet Rashel

Where feathers meet fortune: How a small pigeon stall became Dhaka’s premiere bird market

2d | Panorama
Illustration: Duniya Jahan/ TBS

Forget Katy Perry, here’s Bangladesh’s Ruthba Yasmin shooting for the moon

3d | Features
File photo of Eid holidaymakers returning to the capital from their country homes/Rajib Dhar

Dhaka: The city we never want to return to, but always do

4d | Features

More Videos from TBS

No Cash in ATMs: System Glitch or Something Deeper?

No Cash in ATMs: System Glitch or Something Deeper?

1h | TBS Today
Iran-Israel military power; who is ahead?

Iran-Israel military power; who is ahead?

3h | TBS World
Did the possibility of an Iran nuclear deal set back after the attack?

Did the possibility of an Iran nuclear deal set back after the attack?

5h | TBS World
IRGC chief Major General Hossein Salami killed in Israeli strike

IRGC chief Major General Hossein Salami killed in Israeli strike

6h | TBS World
EMAIL US
contact@tbsnews.net
FOLLOW US
WHATSAPP
+880 1847416158
The Business Standard
  • About Us
  • Contact us
  • Sitemap
  • Advertisement
  • Privacy Policy
  • Comment Policy
Copyright © 2025
The Business Standard All rights reserved
Technical Partner: RSI Lab

Contact Us

The Business Standard

Main Office -4/A, Eskaton Garden, Dhaka- 1000

Phone: +8801847 416158 - 59

Send Opinion articles to - oped.tbs@gmail.com

For advertisement- sales@tbsnews.net