iVerify Uncovers Pegasus Spyware on Private Sector Devices, Expanding Surveillance Concerns

An investigation by iVerify has revealed a broader impact of Pegasus spyware, impacting not only government officials and journalists but also executives in industries such as finance, real estate, and logistics. "Devices belonged to journalists, government officials, and corporate executives," iVerify stated, highlighting the expanded scope of targeted individuals. The findings stem from a large-scale mobile threat-hunting initiative launched in May 2024, where iVerify enabled users to conduct self-scans for spyware. Of the 2,500 initial scans, seven Pegasus infections were identified, spanning multiple years and iOS versions. By December 2024, the numbers had increased, with Pegasus detected on 11 out of 18,000 devices. This growing dataset indicates that spyware compromises extend far beyond high-profile political targets, reaching deep into the private sector.

The investigation uncovered infections dating as far back as 2021, showing that several victims had been under surveillance for years. Some infections were traced to exploits in iOS 14 and 15, with later attacks leveraging vulnerabilities in iOS 16.6 from 2023. The spyware's presence on business executives' devices raises concerns about corporate espionage, as these individuals often handle sensitive financial data, strategic negotiations, and high-value transactions. iVerify’s analysis found that many of these victims had been targeted multiple times, using different variants of Pegasus. The detections were not limited to a specific region, with confirmed cases spanning Europe and the Middle East, including Switzerland, Poland, Bahrain, Spain, the Czech Republic, and Armenia.

Despite Apple's efforts to alert users of potential spyware threats, iVerify noted that only half of the identified victims had received official threat notifications. The findings challenge previous assumptions that Pegasus was primarily a tool for state-level surveillance against political dissidents and activists. Instead, the spyware appears to be used more broadly, raising concerns about inadequate defenses against advanced mobile surveillance.