Targeted iOS Spyware: What you need to know to protect your organization from Pegasus and Trident

In 2016, The New York Times, Wall Street Journal, Washington Post and many other media outlets covered Lookout and Citizen Lab's striking find: the most sophisticated, targeted, and persistent mobile attack ever found on iOS. On July 18, 2021, The Washington Post and 16 other media outlets reported that Pegasus was used on countless business executives, human rights activists, journalists, academics and government officials.

The attack allows an adversary to silently jailbreak an iOS device and stealthily spy on victims, collecting information from voice communications, camera, email, messaging, GPS, passwords, and contact lists.

This discovery is further proof that mobile platforms are fertile ground for gathering sensitive information from target victims, and well-resourced threat actors are regularly exploiting that mobile environment.

Download Product Datasheet
Visit Our Threat Lab

As Featured In

This malware sold to governments could help them spy on iPhones, researchers say

Read The Article

What You Need to Know about Trident & Pegasus

Read The Article

Democratic Party Says It Thwarted Attempted Hack of Voter Database

Read The Article

Apple zero-days mark a new era of mobile hacking

Read The Article

Microsoft and Lookout have been working together on a partnership for mobile security

Read The Article

Mobile-Phone Malware Is Rising. Blame Spies.

Read The Article

Learn More: Threat Brief and Technical Analysis

Get a quick overview and answers to the most frequently asked questions about the Pegasus spyware and Trident vulnerabilities from the Executive Four-Minute Read document below, ideal for CEOs and business executives.

CISOs, CIOs, and Security Researchers should get a copy of the Technical Analysis of Pegasus Spyware, the most in-depth information available on this unprecedented attack, from the only security company with samples of Pegasus.
Pegasus and Trident: Executive four-minute read

Spend four minutes reading this executive brief for a complete overview of the Pegasus spyware attack on iOS, including answers to the most commonly asked questions, a summary of the media response, and unique perspective from Lookout.

Get The Executive Brief
Technical Analysis of Pegasus Spyware

Read Lookout's investigation into this highly sophisticated espionage software. The attack takes advantage of how essential mobile devices are in our lives, spying on voice communications, camera, email, messaging, GPS, passwords, and contact lists.

Get The Report

iOS Spyware: How To Protect Your Enterprise

Watch this on-demand webinar to learn the technical details of Lookout and Citizen Lab's striking find: the most sophisticated, targeted, and persistent mobile attack ever found in iOS.

Watch the Webinar

From the Lookout Blog

Encryption and VPNs alone do not protect you from Pegasus and Trident

Encryption and VPNs are excellent tools that protect sensitive data in most situations. However, Pegasus has kernel level access to the device. This means the spyware sits in the path of all data, and uses “function hooking” to alter the legitimate app itself and intercept the decrypted communications.

Read Blog

Protect Yourself from Powerful Pegasus Spyware

First uncovered by Lookout and Citizen Lab in 2016, the highly advanced mobile spyware Pegasus was recently confirmed to have been used on business executives, human rights activists, journalists, academics and government officials.

Read Blog

The five things CISOs and CIOs should do now

With just a single tap the Pegasus attack has the capability to cause catastrophic data loss to a targeted individual or organization, completely compromising all communications from a smartphone. ISOs and CIOs should read this post to learn the top five things to do now.

Read Blog

Device already infected with Pegasus? Updating your OS won’t help

Updating to the latest iOS version will unfortunately not remove or detect Trident if the device is already infected. If an attacker has already infected a device with Trident, updating to iOS 9.3.5, the latest version of iOS, will only protect against future infection. It does not remove the spyware itself or alert enterprises to infections.

Read Blog

MDM solutions don’t deliver sufficient protection against Pegasus

MDMs can only detect known jailbreak techniques. Pegasus used advanced exploits of zero-day vulnerabilities to jailbreak the device. Now that these advanced techniques are publicly known, we have not observed any MDM technology that is currently able to detect them.

Read Blog

More actionable insights and perspective about the Pegasus spyware and Trident vulnerabilities

The Pegasus attack: How to determine if you’re impacted

Get visual, step-by-step instructions on how to determine if you've been affected by Pegasus.

Read Datasheet
Congressman urges congressional hearing after Trident discovery

Congressman Ted Lieu urges the U.S. government to pay closer attention to mobile security.

Read Blog
3 things CISOs need to know about the Trident iOS vulnerabilities

Learn how this attack directly applies to enterprises and how to protect sensitive data.

Read Blog

Lookout Delivers Endpoint-to-cloud Security

Request a Demo
Contact Sales
Free Trial