How does Pegasus work to infiltrate chats?

Pegasus doesn’t break E2EE. Instead, it bypasses it entirely by compromising the device itself. Once your phone is infected, the spyware operates with very high privileges. At that point, encryption is no longer the barrier. Messages are encrypted only while in transit. On your device, they must be decrypted before you can read them. Pegasus takes advantage of this by accessing data directly on the device, either from memory or by capturing the screen and inputs. So it can read messages in their decrypted form without ever needing to crack the encryption protocol. That’s why E2EE doesn’t protect against a fully compromised device.