Skip to main content

PEGASUS [EXPLAINED] - Why is it a threat to an individual's security?

 


WHAT IS PEGASUS?

Pegasus is one of the most powerful spyware ever developed in history. It is developed by NSO Group, an Israeli surveillance firm. It has the capability to infect billions of phones globally. Pegasus is capable of reaching target’s phone via multiple routes.


When was it first discovered?

The first and the earlier version of Pegasus was discovered in 2016, which used the technology of spear-phishing-text messages/emails, tricking the target population through a malicious link. 


How Does it Work?Which information may be compromised?

Once it is installed in a target’s phone, it can turn it into a 24-hour surveillance device. It is capable of the following:

  • Copying your messages, 
  • Harvest WhatsApp chats.
  • Access your photos,
  • Record your calls,
  • Extract any file, 
  • Secretly film you through phone’s camera, 
  • Record your conversations by activating the microphone, 
  • Extract your past and present location, etc.

All without the target noticing it.


How it came into limelight?


August 2016 : The Citizen Lab, interdisciplinary laboratory, University of Toronto, reported the existence of Pegasus. It reported the existence to Lookout, a cyber security firm. Later, both flagged threat to Apple


April 2017 : Google and Lookout made public the details of the Android version of Pegasus.


October 2019 : Amnesty International documented the use of network injections which enabled the attackers to install the spyware without requiring any interaction by the target.


October 2019 : WhatsApp revealed the involvement of NSO’s software in sending of malware to more than 1,400 phones by exploiting a zero-day vulnerability.


November 2019 : A New York City based reported photographed an interception device, placed at the back of a van at Milipol trade show in Paris.


December 2020 : Citizen Lab report reported how Pegasus was used by to hack 37 phones, owned by   producers, executives, journalists, and anchors at Al Jazeera and Al Araby TV.




Difference between the then and now Pegasus.

The earlier version of Pegasus used spear phishing method in which a malicious link is embedded in a message customized to entice the target to click. 


Whereas, the recent version uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.


Different ways in which Pegasus can be installed?

  • Pegasus uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.
  • One way is through over-the-air (OTA). The OTA sends a push message covertly which allows the installation of the spyware in the target device, with the target unaware of the installation.
  • Another way is through a WhatsApp call, the malicious spyware could be installed on the phone through a WhatsApp call, even if the target does not answers the call.
  • Pegasus can also be installed over a wireless transceiver located near a target.


What kind of devices can be attacked?

Pegasus spyware can be installed in any and all devices. But, Apple iPhones are termed to be the most vulnerable and targeted devices to be attacked by Pegasus through Apple’s iMessage application. 


Who are the potential targets and clients?


Although the NSO group did not reveal the names of the client countries but claimed to have about 60 clients from 40 countries . 


Following are the Potential targets to have been attacked by Pegasus:

  • Prominent business personalities,
  • Human rights defenders, 
  • Academics,
  • Journalists, 
  • Lawyers,
  • Doctors, 
  • World leaders, 
  • Politicians,
  • Diplomats ,
  • Heads of states, etc.


Personalities already attacked:

  • More than 600 politicians or government officials.
  • Arab royal family Members
  • About 70 business personalities
  • 200+ journalists
  • Emmanuel Macron, President of France,
  • South African President Cyril Ramaphosa
  • Imran Khan, Prime Minister of Pakistan.
  • Rahul Gandhi, Politician, India


Precautions to be taken:

Apparently, one can do nothing to prevent one’s device from getting compromised because Pegasus derives out a vulnerability in one’s phone through its operating system.


One may take following precautions to prevent the spyware:

  • The best way to prevent the attack is to keep your phone updated with the latest operating system and firewall.
  • Changing of headsets periodically, may reduce the risk of getting attacked.
  • Important phone calls and messages may be made through an handset with basic features of calling and messaging to reduce network interjections.
Labels:

Comments

Post a Comment

Popular posts from this blog

What is the 25th Amendment of US Constitution? How can it be used to remove Trump?

                      There are calls to impeach the President of the United States or to invoke 25th amendment  to remove the President from the office. The call to remove was taken after the supporters of Donald Trump stormed the US Capitol building. The US Capitol building houses both the US senate and the house of representative . Let us learn about the 25th amendment and how it can be used to remove Donald Trump WHAT IS THE 25th AMENDMENT? The 25th amendment of the US Constitution lays out the principles and ways to remove or replace the President and the Vice President of the United States. T he 25th amendment was an effort to resolve some of the continuing issues about the office of the president. This is what happens in the case of vacancy of the office and what is the course to follow if for some reason the the President becomes disabled to such a degree that he cannot fulfill his responsibili...
Post a Comment
Read more

Bihar Elections 2020- What makes it more interesting this year?

When the whole country is facing the deadly coronavirus , the Bihar Legislative Assembly elections are going to take place in the midst of the pandemic. With many prevailing social issues and increase in vote bank the Bihar elections are becoming interesting day by day. In this blog we will talk about the Bihar Legislative Assembly Elections 2020 and How are they more interesting this year? When are the Elections going to take place? The Bihar Legislative Assembly Elections will take place between 28 October, 2020- 7 November, 2020 .The elections will be held in three phases for 243 seats . The first phase will take place on 28 October 2020 for 71 seats , Second phase for 94 seats on 3 November 2020 and the Third phase for 78 seats on 7 November 2020 . Schedule for Bihar Elections 2020 The Bihar Legislative Assembly Elections 2020 will be held in three phases. Phase I The elections in phase 1 will take place on 28 October 2020 for 71 seats in the districts of Dinara, Nokha, Dehri, Kar...
1 comment
Read more

Boycott French Goods- All you need to know about

The middle east countries are calling to boycott french products . But what forced the middle east countries to boycott the french goods? In this blog let us talk about the whole story about what led the Arab countries to call for boycott of french goods. Why are the middle east countries calling to boycott french goods? The call to boycott french goods rise after the French President Emmanuel Macron promised not to give up the cartoons depicting depicting Prophet Mohammad . The president's comments was in response to the beheading of Samuel Paty , outside the school in suburb outside Paris after he showed cartoons of Prophet Mohammad during his class on free speech . What is the main controversy?  It all started on October 17 , when Samuel Paty , a french teacher who presented the cartoons of Prophet Mohammad during his class on free speech was beheaded outside the school in suburb outside Paris to which the president termed as Islamic terrorist attack.    The inva...
Post a Comment
Read more