Documenting misinformation in the infosecurity space, focusing particularly on malware analysis and forensics.
Created by @maldr0id
The following claim was made public and reported by many news websites:
Pegasus spyware contains comments in the Chinese language
The claim is considered: FALSE
The rumour about a Pegasus sample containing comments in the Chinese language started on Twitter where one user mistakenly attributed an Android application used in game cheating as belonging to the Pegasus family of spyware. However, detailed analysis of the sample showed that it is available on two different Chinese app markets and just shared an open source library with old Android Pegasus samples1. This analysis was later independently confirmed by another researcher2.
Pegasus is made by an Israeli company called “NSO Group”3. However, the claim was still reported by many news websites, particularly in Poland. It was so widely reported that a question about supposed Chinese origins of Pegasus was asked during the Polish Senate committee hearing. In fact some of the news articles (listed below) still repeat that claim.
The websites below repeat the claim. This is not a full list of websites.
The misinformation campaigns below have used this claim.