Surge In Fake Pegasus Spyware On Dark Web After Apple Threat Alerts: CloudSEK Report

CloudSEK, a cybersecurity firm, found a surge in fake Pegasus spyware on the deep and dark web, after Apple sent threat notifications to iPhone users in 92 countries last month.

Although Apple did not identify any specific threat actors in its warning, it did cite Pegasus spyware from the NSO Group as an example.

CloudSEK believes this may have prompted scammers to sell fraudulent malware disguised as Pegasus source code.

After analysing approximately 25,000 posts on Telegram, researchers discovered that a significant portion of the posts claimed to sell authentic Pegasus source code.

By engaging with over 150 potential sellers of this so-called spyware, the report revealed that the samples included source code, live video demonstrations of the malware in action, and snapshots of the source code, all labeled with names suggesting Pegasus.

While these spyware can still be nefarious and harm the victims, they are likely not associated with the NSO Group or Pegasus.