Pegasus is a software used by government agencies of multiple countries, which allows to take control of almost any smartphone. For this purpose, it is sufficient, for example, to receive a message sent via WhatsApp messenger. Pegasus is software marketed by the Isreali company NSO.

According to the Niebezpiecznik website, journalists from the Forbidden Stories and Amnesty International have obtained a list of 50,000 personal phone numbers from around 40 countries that were targeted by Pegasus.

Unfortunately, Pegasus has not been used only for fighting criminals, the obtained list includes journalists, activists, businessmen, academics, government officials and lawyers that are inconvenient for individual countries.

However, the presence of a number on the list does not necessarily mean that the smartphone in question has been infected, but that an attempt has been made to do so. Among the published numbers there are nearly 200 journalists working for the largest editorial offices, such as the New York Times, Bloomberg or Al Jazeera.

Amnesty International’s GitHub contains the full list of IOCs, emails and over a thousand domains that were used to carry out the attacks, including the domain emonitoring-przesylek.pl, which could be used to attack targets from Poland.

If you suspect you have fallen victim to Pegasus, Niebezpiecznik advises that you restart your phone. Some zero-day exploits transfer almost complete control of a mobile device, but are unable to survive a phone restart.