Pegasus Spyware Extensively Deployed Against Private Industry and Finance Professionals

21.02.2025

 

Pegasus spyware, once primarily used to monitor journalists and activists, is now being deployed against executives in finance, real estate, and logistics, signaling a shift toward corporate espionage. A December 2024 investigation uncovered 11 new Pegasus infections among 18,000 scanned devices, highlighting the spyware’s increasing presence in private industry. Reports indicate that the spyware frequently bypasses traditional security measures, evading Apple’s Threat Notifications in nearly half of the cases.

Developed by Israel’s NSO Group, Pegasus infiltrates devices through zero-click exploits, often targeting iMessage and WhatsApp vulnerabilities. Once installed, it gains deep access to both iOS and Android systems, allowing attackers to extract encrypted messages, financial records, and even remotely activate microphones. Some compromised devices had been infected since 2021, with multiple Pegasus versions persisting despite system updates.

Detection efforts are evolving, with iVerify introducing a mobile threat-hunting feature that leverages signature-based detection, heuristic analysis, and machine learning. The tool scans system logs for traces of Pegasus activity, identifying infections that would otherwise remain undetected. Additionally, Kaspersky’s iShutdown tool automates forensic analysis, helping users detect spyware through anomalous system behaviors and cryptographic anomalies. However, even Apple’s Lockdown Mode has failed to prevent infections in several documented cases, underscoring the spyware’s adaptability.

The widespread nature of Pegasus infections suggests that thousands of compromised devices remain undetected. Data shows that 55% of infected users received no alert from Apple’s security notifications, leaving them vulnerable until third-party detection tools were used. As the spyware continues targeting the private sector, security experts emphasize the need for businesses to implement proactive monitoring measures.

To mitigate risks, security professionals recommend daily device reboots, disabling iMessage and FaceTime, and regularly updating operating systems to patch vulnerabilities. While advancements in detection provide hope, systemic collaboration with technology companies remains essential. In an era where industrial espionage is on the rise, awareness and early detection are critical to safeguarding sensitive corporate data.
