A spyware operator’s POV

The PBS documentary series Frontline recently aired a two-part look at the Pegasus Project from the perspective of some of the journalists and targets involved. You can watch the episodes here.

Watch “Global Spyware Scandal: Exposing Pegasus”

One of the most fascinating elements of the documentary is a rare look at spyware from the point of view of an operator. We hear an account from an anonymous agent in Mexico, who details the process for infecting targets and using the Pegasus system:

I can’t give you my name, nor can I tell you which agencies I worked for. It would be dangerous for me to be recognized and make it known that I have, or have had, access to certain information.

The Pegasus system was new to us. The procedure was to have the target number do what was called social engineering, which is searching for information from open sources about the target in order to construct text messages that could be sent to the mobile device. You had to make one or two very precise attempts using information that was useful to the target so that they would want to click on the link. If we succeeded in getting them to click on the message, that automatically installed the software on the mobile device, and from then on, we could access all the information on the phone. The results were incredible because once we managed to infect a target, we had full access to the mobile device.

On a black screen, at the top left, we had the main display, and on the right side and the bottom were tabs where you had each of the applications from which information was extracted. For example, we had the icons for WhatsApp, Telegram. At the bottom we had the microphone, the cameras, the geolocation, and depending on what we were interested in, we would click on it and it would appear on the main screen. After infection, we can see even deleted information, whether that was photos or conversations, we could always have access to them.

It’s easy to see how such a powerful tool, one ostensibly designed to aid in criminal investigations, can tempt those in power looking to gain leverage over the opposition or to silence members of civil society deemed threatening. Kudos to the filmmakers and all Pegasus Project contributors for shining a light on these potent cyberweapons.

Back to Blog