Pegasus spyware being “for sale” can be quite misleading, as it often refers to illicit activities rather than legitimate offerings from its developer.
- Official Sales (Highly Restricted):
Pegasus spyware is developed and sold by the Israeli cyber-arms company NSO Group. NSO Group maintains that it sells Pegasus exclusively to authorized government intelligence and law enforcement agencies for the purpose of combating serious crime, terrorism, and locating missing persons. For example, Mexico was an early client, reportedly using Pegasus in its efforts against drug cartels. - Unauthorized “Sales” and Leaks:
The claims you might see about “unauthorized access to Pegasus 2.0 panel” or “leaked files” being for sale typically fall into one of these categories: - Stolen Source Code: In 2018, a former senior programmer at NSO Group was charged with stealing Pegasus spyware source code and attempting to sell it for $50 million on the dark web, requesting payment in anonymous cryptocurrencies. This was an isolated incident of theft and attempted illicit sale by an individual, not a standard offering from NSO Group.
- Fraudulent Scams: There are “Pegasus email scams” where cybercriminals send intimidating emails claiming to have hacked a victim’s phone with Pegasus and demand a ransom in cryptocurrency. These are fraudulent attempts to extort money and do not involve actual access to the spyware.
- Fake Spyware Strains: Cloud security providers have found that threat actors are selling fake Pegasus spyware strains on both the clear web, dark web, and instant messaging platforms like Telegram. These are often ineffective tools or scripts created by scammers who exploit Pegasus’s notoriety for financial gain.[3] The warning in the post you shared about analyzing files in a secure, isolated environment is crucial because these purported “leaked files” are often fraudulent or contain malware themselves.[3]
- The “Pegasus Project Leak” Context:
The “Pegasus Project” was a landmark international investigative journalism initiative that brought to light the widespread misuse of Pegasus. This project was catalyzed by a leaked list of over 50,000 phone numbers, believed to be potential surveillance targets identified by NSO Group’s clients.[1, 4, 5, 6, 7] This was a leak of target data, not a leak of the Pegasus spyware itself or its command panel for sale to the public. The investigation revealed how governments used Pegasus to target journalists, human rights activists, lawyers, and politicians worldwide, often through “zero-click vulnerabilities” that allow infiltration without any user interaction.[1, 2, 8, 4, 5, 9, 10]
In essence, while Pegasus is a product that is “for sale” by NSO Group, it is strictly controlled and sold only to governments. Any claims of it being available for general purchase or through “leaked files” are almost certainly illicit, fraudulent, or refer to fake versions designed to exploit the spyware’s infamous reputation. The sentiment in the Telegram post about “cyber warfare disguised as surveillance” and “digital oppression” does align with the documented misuse of Pegasus by various governments against civil society, which has led to international condemnation and legal actions against NSO Group.
