Cyberbytes Daily

Isreali NSO Group’s Pegasus Spyware Detected in New Mobile Devices

Cybersecurity researchers from iVerify have revealed widespread new infections of the Pegasus spyware, developed by NSO Group (dubbed “Rainbow Ronin”), showing that spyware targets not only activists and journalists but also professionals and civilians.

The company’s newly launched Mobile Threat Hunting feature has detected multiple instances of the infamous Pegasus spyware, developed by NSO Group (dubbed “Rainbow Ronin” by iVerify), on devices belonging to ordinary professionals and civilians.

Researchers conducted an extensive scan by iVerify and uncovered the following key findings:

  • 2,500 self-scanned devices yielded seven Pegasus infections
  • Infection rate of 2.5 devices per 1,000 scans, significantly higher than previous estimates
  • Infections dating back to 2021, spanning multiple iOS versions

“These findings validate what we’ve long suspected: if you scan for it, you will find it,” said an iVerify spokesperson. “We’re uncovering threats that have been hiding in plain sight, undetected by traditional security measures.”

The investigation’s results challenge the prevailing notion that advanced spyware like Pegasus only targets high-profile individuals such as journalists, activists, and government officials. While the scanned devices did belong to higher-risk populations, the detection rate suggests a more widespread problem than previously acknowledged.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses

Pegasus: A Sophisticated Adversary

NSO Group (Rainbow Ronin) developed Pegasus, which embodies cutting-edge spyware technology.

  • Capable of complete device control
  • Utilizes zero-click attacks for infection
  • Exploits vulnerabilities in both iOS and Android

iVerify’s research uncovered five unique malware types across both major mobile operating systems, with forensic artifacts detected in various system logs.

This investigation highlights a critical gap in current mobile security practices. “As an industry, we’ve believed that mobile device security is good enough,” the iVerify spokesperson noted.

“But our findings suggest the threat landscape is far more complex and dangerous than we thought.” In the coming weeks, iVerify plans to release a detailed technical analysis of their Pegasus findings.

As mobile threats continue to evolve, iVerify’s work underscores the importance of proactive, user-accessible security measures. By putting powerful threat detection capabilities directly into users’ hands, the company aims to revolutionize how we approach mobile device security in an increasingly complex digital world.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

The post Isreali NSO Group’s Pegasus Spyware Detected in New Mobile Devices appeared first on Cyber Security News.

Tags

About Author

Chad Barr

Chad Barr is a visionary and executive leader, blending over two decades of expertise with a unique ability to demystify complex technical concepts. As a cybersecurity leader, prolific author, and director at AccessIT Group, Chad has empowered organizations across diverse industries to build resilient security frameworks. His engaging writing, speaking engagements, and thought leadership inspire proactive cybersecurity practices, making him a trusted voice in the ever-evolving digital landscape.

My Books

Cybersecurity News

  • Hackers Actively Exploited Ivanti VPN 0-Day Vulnerability (CVE-2025-0282): Technical Analysis
    by Balaji N on January 9, 2025 at 4:52 am

    Ivanti publicly disclosed two critical vulnerabilities CVE-2025-0282 and CVE-2025-0283 affecting its Connect Secure (ICS) VPN appliances. The announcement comes amidst alarming reports of active zero-day exploitation of CVE-2025-0282, identified by cybersecurity firm Mandiant as having begun in mid-December 2024. The exploitation has raised concerns about potential network breaches and downstream compromises for affected organizations. CVE-2025-0282, The post Hackers Actively Exploited Ivanti VPN 0-Day Vulnerability (CVE-2025-0282): Technical Analysis appeared first on Cyber Security News.

  • Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
    by [email protected] (The Hacker News) on January 9, 2025 at 4:40 am

    Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2

  • Wireshark 4.4.3 Released – What’s New!
    by Guru Baran on January 9, 2025 at 2:51 am

    The Wireshark Foundation has announced the release of Wireshark 4.4.3, the latest version of the world’s most popular network protocol analyzer. This update brings a host of bug fixes and protocol support improvements, enhancing the tool’s capabilities for network troubleshooting, analysis, development, and education. What is Wireshark? Wireshark is a powerful, open-source network analysis tool The post Wireshark 4.4.3 Released – What’s New! appeared first on Cyber Security News.

  • Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild
    by Guru Baran on January 9, 2025 at 2:27 am

    Ivanti has disclosed actively exploiting a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure VPN appliances. This vulnerability allows unauthenticated remote code execution and has already been exploited in a limited number of cases. A second vulnerability, CVE-2025-0283, which enables local privilege escalation, has also been identified but is not known to have been exploited. The post Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

  • India Readies Overhauled National Data Privacy Rules
    by Nate Nelson, Contributing Writer on January 9, 2025 at 2:00 am

    The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data — and recognizes a right to personal privacy.

Latest Posts

Categories

Tags

AI AWS ChatGPT Credit Card Fraud Cybercriminals Cyber News Cyber Security Cybersecurity News Data Breach Digital Transformation Gen AI IoT Nation-State Ransomware Security Skimmer Malware Starbucks