Skip to main content

This camera phone spyware can harvest your photographs and secretly record you

camera phone
(Image credit: ROBIN WORRALL on Unsplash)

Regularly dodging phishing scams and malware has become an unfortunate part of day-to-day life when using a camera phone. Many of us are well versed in the necessary art of avoiding suspicious links and hanging up on overly-friendly callers asking for far too many personal details. 

However, a recently uncovered piece of spyware is so sophisticated that it can even infect a camera phone through a "zero-click" attack. This means that it doesn't require any interaction from the handset's owner, often exploiting vulnerabilities within the camera phone's operating system to do so.

• Read more: Best camera phone (opens in new tab)

Known as Pegasus, this spyware was developed, marketed and licensed to governments around the world by the Israeli company NSO Group. As reported by The Guardian (opens in new tab), this piece of software is essentially capable of turning your camera phone into a constant surveillance device, "It can copy messages you send or receive, harvest your photos and record your calls. It might secretly film you through your phone's camera, or activate the microphone to record your conversations. It can potentially pinpoint where you are, where you've been, and who you've met."

According to Claudio Guarnieri, who runs Amnesty International's Berlin-based Security Lab, NSO clients have mostly abandoned using the suspicious-looking text messages that many of us are used to. Instead, the "zero-click" attacks have become more widely used instead, exploiting weaknesses in software such as iMessage or WhatsApp. 

Guarnieri even states, "When an iPhone is compromised, it's done in such a way that allows the attacker to obtain so-called root privileges, or administrative privileges, on the device. Pegasus can do more than what the owner of the device can do." 

One of the most worrying aspects of Pegasus spyware is how difficult it is to prevent an attack. With the spyware targeting undiscovered weaknesses in software, this means that it's impossible to prevent an attack. Guarnieri says, "This is the question that gets asked to me… 'What can I do to stop this happening again?' The real honest answer is nothing". 

Some of the targets selected by clients of NSO include Roula Khalaf, the editor of the Financial Times. Other possible candidates that were selected include journalists from organizations including the Wall Street Journal, CNN, the New York Times, Al Jazeera, Associated Press, the Economist and more. 

Meanwhile, according to this report (opens in new tab) by The Guardian, NSO has insisted that the governments that license Pegasus are contractually bound to only use the spyware to fight "serious crime and terrorism". 

Read more

Best Samsung phone (opens in new tab)
Best Xiaomi phone (opens in new tab)
Best Google phone (opens in new tab)
Best Sony phone (opens in new tab)
Best iPhone for photography (opens in new tab)

Thank you for reading 5 articles this month* Join now for unlimited access

Enjoy your first month for just £1 / $1 / €1

*Read 5 free articles per month without a subscription

Join now for unlimited access

Try first month for just £1 / $1 / €1

With over a decade of photographic experience, Louise arms Digital Camera World with a wealth of knowledge on photographic technique and know-how – something at which she is so adept that she's delivered workshops for the likes of ITV and Sue Ryder. Louise also brings years of experience as both a web and print journalist, having served as features editor for Practical Photography magazine and contributing photography tutorials and camera analysis to titles including Digital Camera Magazine (opens in new tab) and  Digital Photographer (opens in new tab). Louise currently shoots with the Fujifilm X-T200 and the Nikon D800, capturing self-portraits and still life images, and is DCW's ecommerce editor, meaning that she knows good camera, lens and laptop deals when she sees them.