Imagine every call you make, every message you send, and every photo you share on WhatsApp, Facebook, or Telegram silently intercepted. For thousands across the globe, this isn’t paranoia—it’s the reality of Pegasus, a powerful spyware tool capable of turning any smartphone into a 24/7 surveillance device. Developed by the Israeli company NSO Group, Pegasus has become one of the most feared digital weapons of the 21st century, secretly infiltrating the phones of journalists, activists, politicians, and even world leaders.
What began as a government-sanctioned tool to fight terrorism and organized crime has spiraled into a scandal-ridden saga of repression, lawsuits, and global outrage. From leaked databases to courtroom battles, Pegasus has left behind a trail of silenced voices, shattered privacy, and urgent questions about who truly controls our digital lives.
Article Contents
The Birth of a Digital Phantom
NSO Group was founded in 2010 by Shalev Hulio and Omri Lavie, both veterans of Israel’s elite Unit 8200 intelligence corps. The company positioned itself as a provider of “lawful interception” software for governments, with exports licensed by Israel’s Ministry of Defense. Pegasus, their flagship product, lived up to its mythological namesake: a winged horse capable of soaring undetected into the lives of its targets.
By 2011, Pegasus was operational and sold to countries battling organized crime and terrorism. Mexico was an early buyer, reportedly spending over $60 million by 2023 to deploy the tool against drug cartels. But almost immediately, reports of misuse emerged. In 2016, researchers at Citizen Lab and Lookout Security caught Pegasus attempting to hack the phone of Emirati human rights activist Ahmed Mansoor. The attack revealed three previously unknown iOS vulnerabilities, forcing Apple into an emergency patch.
Despite such exposures, NSO operated in secrecy. A 2024 “Transparency and Responsibility Report” claimed to align its practices with UN human rights guidelines, but critics dismissed it as cosmetic, pointing to mounting evidence of abuse.
The Invisible Intrusion
Pegasus is designed for stealth. It can penetrate smartphones—iOS and Android alike—without leaving obvious traces. Early versions required victims to click malicious links, but by 2020 it had evolved into “zero-click” exploits. These required no interaction at all: a simple missed call, an iMessage, or even network-level vulnerabilities were enough.
Once inside, the spyware offers god-like control—reading messages, tracking locations, harvesting passwords, eavesdropping on calls, and even remotely activating cameras and microphones. Forensic reports like Citizen Lab’s 2023 BLASTPASS analysis showed how Pegasus exploited iOS 16.6 to compromise the phones of civil society workers in Washington, D.C.
To avoid exposure, Pegasus can self-destruct: if it loses contact with its command server for 60 days, it erases itself. Detection is notoriously difficult, with only a handful of forensic tools—like Amnesty’s Mobile Verification Toolkit—capable of confirming infections.
The Breaking Point
The true scale of Pegasus’s reach became clear in July 2021 with the Pegasus Project, a global investigation by Amnesty International, Forbidden Stories, and 17 media outlets. A leaked database of 50,000 phone numbers—linked to NSO clients—showed targets ranging from journalists and activists to prime ministers and presidents.
Forensic checks confirmed Pegasus infections on dozens of devices. Saudi Arabia and the UAE reportedly used it against dissidents, including associates of murdered journalist Jamal Khashoggi. In India, opposition leaders and reporters were targeted, sparking political uproar. Morocco allegedly spied on French President Emmanuel Macron, while Hungary’s Viktor Orbán monitored critics.
The fallout was seismic. The U.S. blacklisted NSO in 2021, Apple sued the company, and whistleblowers accused it of putting profit before ethics.
Human Cost Across Borders
Behind every infection is a story of silenced voices. In Mexico, Pegasus was used against journalists investigating corruption. In El Salvador, reporters at El Faro endured relentless surveillance. Bahrain and Rwanda turned it on dissidents, while European leaders—including Spain’s Prime Minister Pedro Sánchez—found their devices compromised.
By 2025, Amnesty reported Pegasus infections among Serbian journalists from BIRN. Even Israeli police were accused of unauthorized deployments at home. A WhatsApp court case revealed that more than 1,000 users across 45 countries were hit.
Legal Reckonings
NSO now faces a barrage of lawsuits. In May 2025, a U.S. jury ordered it to pay heavy damages to WhatsApp, while a July ruling revived Salvadoran journalists’ claims in U.S. courts. Yet the spyware market thrives. The Atlantic Council warned in 2025 that NSO is part of a booming global industry that continues to fuel surveillance abuses.
A Lingering Threat
As of October 2025, Pegasus is still active. Citizen Lab’s September report Exposing Pegasus: How the State Spies on You warned of the chilling effect on free speech and democracy. New incidents—like the BIRN hacks earlier this year—show the abuse is far from over.
Governments continue to purchase licenses, from Djibouti to Estonia, even as global debates on regulation drag on. Critics fear the spyware could tip elections or silence entire movements.
The Unseen Horizon
Pegasus is not just code; it is a symbol of how fragile digital freedom has become. It has shaken trust in technology, enabled repression, and blurred the line between security and abuse. Until binding global norms emerge, the winged horse will keep flying silently in the shadows, leaving privacy in ruins.
