NSO Group Pegasus Spyware: Understanding Zero-Click Technology
- The DigitalBank Vault
- 4 hours ago
Pegasus spyware has pushed the boundaries of mobile surveillance by introducing zero-click infection techniques, enabling operators to compromise devices without any user interaction (Wikipedia). First exposed in 2021 by Citizen Lab’s analysis of the FORCEDENTRY exploit, this capability makes Pegasus uniquely stealthy and dangerous (The Citizen Lab).
What Is Pegasus?
Origins and Capabilities
First discovered in 2016, Pegasus is not a single program but a modular suite of exploits designed to infiltrate iOS and Android devices (Wikipedia). Once installed, it can extract contacts, messages, call logs, photos, and even monitor communications across apps such as iMessage, WhatsApp, Telegram, and Skype (Time).
Understanding Zero-Click Technology
Zero-click exploits allow malicious code to execute without any user action, leveraging vulnerabilities in applications that automatically process incoming data (Kaspersky). Unlike traditional phishing or link-based attacks, these techniques bypass social engineering entirely, making them far harder to detect and defend against (Kaspersky).
The FORCEDENTRY Exploit
The most notorious Pegasus zero-click vector is FORCEDENTRY, a vulnerability in Apple’s iMessage first documented by Citizen Lab in 2021 (The Citizen Lab). FORCEDENTRY exploits a flaw in Apple’s JBIG2 image-rendering library to bypass iOS’s BlastDoor sandbox, enabling remote code execution without any interaction (Wikipedia).
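A defensive illustration, added here and not taken from the article or from Citizen Lab's tooling: because zero-click delivery relies on a parser being handed incoming data automatically, and Citizen Lab's 2021 report described FORCEDENTRY attachments that carried a .gif extension but contained PSD or PDF data, one triage check is to compare each attachment's extension with its magic bytes. The function names, verdict labels and sample bytes below are constructed for this example.

```python
"""Flag attachments whose content does not match their file extension."""
from pathlib import PurePosixPath

# Leading-byte signatures for a few common formats.
MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
    "psd": (b"8BPS",),
}
EXT_TO_TYPE = {".gif": "gif", ".png": "png", ".jpg": "jpeg",
               ".jpeg": "jpeg", ".pdf": "pdf", ".psd": "psd"}
# Formats with complex decoders; finding one behind another extension
# is treated as the higher-priority case (an assumption of this example).
HIGH_RISK = {"pdf", "psd"}


def sniff(data: bytes):
    """Return the format implied by the leading bytes, or None."""
    for name, prefixes in MAGIC.items():
        if data.startswith(prefixes):
            return name
    return None


def triage(filename: str, data: bytes) -> dict:
    """Compare the declared extension with the sniffed content type."""
    declared = EXT_TO_TYPE.get(PurePosixPath(filename).suffix.lower())
    actual = sniff(data)
    if actual is None:
        verdict = "unknown-content"
    elif declared == actual:
        verdict = "ok"
    elif actual in HIGH_RISK:
        verdict = "mismatch-high-risk"
    else:
        verdict = "mismatch"
    return {"file": filename, "declared": declared,
            "actual": actual, "verdict": verdict}


# Constructed sample inputs: file headers only, not real attachments.
SAMPLES = [
    ("photo.gif", b"GIF89a\x01\x00\x01\x00"),
    ("sticker.gif", b"%PDF-1.4\n"),
    ("anim.gif", b"8BPS\x00\x01"),
    ("scan.jpg", b"\x89PNG\r\n\x1a\n"),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(triage(name, blob))
```

A mismatch is a lead for further forensic review, not proof of compromise; benign files are sometimes misnamed.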
Infection Vectors
Pegasus employs multiple infection vectors, including iMessage exploits and WhatsApp vulnerabilities, to deliver its payloads (Wikipedia). In 2019, WhatsApp disclosed that Pegasus could be installed via a zero-click missed-call exploit, infecting devices even if calls were not answered (Wikipedia). Security researchers at Trend Micro have also documented Pegasus using two iMessage zero-click exploits, Kismet and FORCEDENTRY, to compromise devices belonging to activists and journalists (Trend Micro).
Recent Developments and Legal Battles
On April 22, 2025, India’s Supreme Court set a hearing for April 29 to probe alleged unauthorized surveillance using Pegasus (The Economic Times). In March 2025, Spain’s Audiencia de Barcelona indicted three NSO Group executives (Omri Lavie, Shalev Hulio, and Yuval Somekh) for espionage against lawyer Andreu Van den Eynde (El País). In the United States, a federal judge recently limited the evidence NSO Group can present in WhatsApp’s lawsuit, highlighting ongoing legal challenges (CyberScoop). Just Security reports that NSO has faced setbacks, with courts ruling it liable for hacking and breach of contract in WhatsApp’s civil case (Just Security). Meanwhile, security experts warn that despite these legal pressures, zero-click spyware continues to evolve, underscoring the urgent need for stronger regulations and defensive measures (WIRED).
Conclusion
Pegasus’s zero-click infection methods represent a watershed in surveillance technology, allowing clandestine compromise of targets without any visible sign to them. From the FORCEDENTRY iMessage exploit to WhatsApp’s missed-call vulnerability, the spyware’s toolkit remains one of the most advanced in the world. As courts across the globe grapple with NSO Group’s legal liabilities, the security community continues to call for robust safeguards against zero-click threats, advocating for stringent oversight and faster patch cycles to protect the most vulnerable.