Skip to main content

This camera phone spyware can harvest your photographs and secretly record you

camera phone
(Image credit: ROBIN WORRALL on Unsplash)

Regularly dodging phishing scams and malware has become an unfortunate part of day-to-day life when using a camera phone. Many of us are well versed in the necessary art of avoiding suspicious links and hanging up on overly-friendly callers asking for far too many personal details. 

However, a recently uncovered piece of spyware is so sophisticated that it can even infect a camera phone through a "zero-click" attack. This means that it doesn't require any interaction from the handset's owner, often exploiting vulnerabilities within the camera phone's operating system to do so.

• Read more: Best camera phone

Known as Pegasus, this spyware was developed, marketed and licensed to governments around the world by the Israeli company NSO Group. As reported by The Guardian, this piece of software is essentially capable of turning your camera phone into a constant surveillance device, "It can copy messages you send or receive, harvest your photos and record your calls. It might secretly film you through your phone's camera, or activate the microphone to record your conversations. It can potentially pinpoint where you are, where you've been, and who you've met."

According to Claudio Guarnieri, who runs Amnesty International's Berlin-based Security Lab, NSO clients have mostly abandoned using the suspicious-looking text messages that many of us are used to. Instead, the "zero-click" attacks have become more widely used instead, exploiting weaknesses in software such as iMessage or WhatsApp. 

Guarnieri even states, "When an iPhone is compromised, it's done in such a way that allows the attacker to obtain so-called root privileges, or administrative privileges, on the device. Pegasus can do more than what the owner of the device can do." 

One of the most worrying aspects of Pegasus spyware is how difficult it is to prevent an attack. With the spyware targeting undiscovered weaknesses in software, this means that it's impossible to prevent an attack. Guarnieri says, "This is the question that gets asked to me… 'What can I do to stop this happening again?' The real honest answer is nothing". 

Some of the targets selected by clients of NSO include Roula Khalaf, the editor of the Financial Times. Other possible candidates that were selected include journalists from organizations including the Wall Street Journal, CNN, the New York Times, Al Jazeera, Associated Press, the Economist and more. 

Meanwhile, according to this report by The Guardian, NSO has insisted that the governments that license Pegasus are contractually bound to only use the spyware to fight "serious crime and terrorism". 

Read more

Best Samsung phone
Best Xiaomi phone
Best Google phone
Best Sony phone
Best iPhone for photography

Louise Carey

With over a decade of photographic experience, Louise arms Digital Camera World with a wealth of knowledge on photographic technique and know-how – something at which she is so adept that she's delivered workshops for the likes of ITV and Sue Ryder. Louise also brings years of experience as both a web and print journalist, having served as features editor for Practical Photography magazine and contributing photography tutorials and camera analysis to titles including Digital Camera Magazine and  Digital Photographer. Louise currently shoots with the Fujifilm X-T200 and the Nikon D800, capturing self-portraits and still life images, and is DCW's ecommerce editor, meaning that she knows good camera, lens and laptop deals when she sees them.