CIA Used Israeli Pegasus Spyware to Mislead Iran in US Airmen Rescue Operation

In a remarkable intelligence operation, the United States Central Intelligence Agency (CIA) utilized the controversial Israeli-made Pegasus software to deliberately mislead Iranian authorities during a critical mission to retrieve a downed US airman last week. According to an exclusive report published by The Times of London, the American spy agency leveraged the sophisticated cyber tool developed by the Israeli firm NSO Group to send fabricated messages to high-ranking Iranian leadership and operatives of the Islamic Revolutionary Guard Corps (IRGC).

Deceptive Messaging in a High-Stakes Rescue Mission

The covert operation was part of a larger, urgent mission to rescue one of two US airmen whose aircraft had crashed within Iranian territory amid the ongoing regional conflict. The CIA's use of Pegasus involved transmitting messages falsely claiming that the downed US airman had already been located by Iranian forces, a strategic move designed to create confusion and potentially facilitate the actual rescue efforts. The incident is a rare case of US aircraft losses inside Iran since hostilities escalated on February 28, highlighting the operation's significance and the lengths to which intelligence agencies will go in such scenarios.

The Pegasus Spyware: A Powerful and Controversial Tool

Pegasus spyware, developed by the NSO Group, is an exceptionally advanced surveillance tool that has been licensed to various governments worldwide for tracking terrorists and criminals. However, its capabilities have raised significant global concerns regarding privacy and ethical use.

How Pegasus Infiltrates Devices:
  • The spyware can secretly access mobile phones through various methods, including a notorious vulnerability involving missed WhatsApp video calls.
  • Once installed, it gains complete control of the device without the owner's knowledge or consent.
  • It can harvest sensitive data such as passwords, contacts, calendar entries, text messages, and even intercept live voice calls from messaging applications.
  • The software operates stealthily, leaving minimal traces on the device, consuming negligible battery, memory, and data, and includes a self-destruct feature for remote deletion.

Historical Context: The 2019 WhatsApp Attacks and Legal Battle

In 2019, WhatsApp disclosed that its platform had been exploited to target approximately 1,400 users globally using the Pegasus spyware. The attack method involved hackers installing the spyware simply through a missed voice or video call, requiring no interaction from the user. The victims reportedly included journalists, human rights activists, lawyers, and government officials, sparking international outrage.

Following these revelations, WhatsApp's parent company, Meta, filed a lawsuit in the United States against NSO Group. The legal complaint accused NSO of exploiting a buffer overflow vulnerability in WhatsApp's VOIP stack, which allowed remote code execution via specially crafted RTCP packets sent to target phone numbers. WhatsApp argued that this not only violated its terms of service but also severely compromised user privacy on a massive scale.

The CIA's recent deployment of Pegasus in the Iranian operation underscores the ongoing dual-use nature of such cyber intelligence tools—employed by states for national security objectives while simultaneously posing profound risks to individual privacy and digital security worldwide. This event adds a new chapter to the complex narrative surrounding government surveillance, international espionage, and the ethical boundaries of cyber warfare in modern conflicts.
