Apple’s recent threat notifications to iPhone users in 92 countries have raised concerns about the surge of fake Pegasus spyware on the deep and dark web.


CloudSEK researchers investigated how cybercriminals exploit the reputation of the Pegasus spyware for financial gain. Scammers are distributing fake source code falsely linked to Pegasus spyware, capitalizing on the attention generated by Apple’s warning [1]. By engaging with potential sellers on Telegram [2], CloudSEK identified fraudulent samples and emphasized the importance of employee awareness and network monitoring to avoid falling victim to the Pegasus scam.


The proliferation of fraudulent malware under the guise of Pegasus source code poses challenges in accurately attributing cyberattacks. It is crucial to implement strict access controls and enhance employee awareness to mitigate the risks associated with such scams. Additionally, correctly attributing threat actors is essential to prevent panic and strengthen cybersecurity defenses in the face of potential threats.