The CIA used Pegasus spyware - the same tool criticized for targeting journalists and dissidents - to conduct a deception operation during the rescue of an American airman held in Iran, according to reports from Israeli intelligence sources.
The operation represents a rare confirmed case of Western intelligence agencies using commercial spyware for active operations rather than just surveillance. And it raises uncomfortable questions about the dual nature of tools that civil liberties groups have condemned as instruments of oppression.
Pegasus, developed by Israeli firm NSO Group, is one of the most sophisticated phone hacking tools ever created. It can compromise iOS and Android devices through zero-click exploits, meaning targets don't need to click any links or download anything. Once installed, it extracts messages, emails, photos, location data, and can activate cameras and microphones remotely.
For years, Pegasus has been a boogeyman in digital security circles. Amnesty International documented its use against human rights activists. Journalists from Al Jazeera and The Washington Post were targeted. The Saudi government allegedly used it to track associates of murdered journalist Jamal Khashoggi.
The U.S. government sanctioned NSO Group in 2021, adding the company to a trade blacklist for "acting contrary to the foreign policy and national security interests of the United States." The Biden administration issued an executive order restricting use of commercial spyware by federal agencies.
And yet, according to this report, the CIA used Pegasus to help extract an American airman from Iran.
The operational details are limited - intelligence agencies don't usually advertise tradecraft. But the broad strokes are clear: was deployed against Iranian targets to create confusion and misdirection while the rescue operation proceeded. Exactly how it was used - compromising communications, planting false information, tracking Iranian security forces - remains classified.
