Skip to main content

PEGASUS [EXPLAINED] - Why is it a threat to an individual's security?

 


WHAT IS PEGASUS?

Pegasus is one of the most powerful spyware ever developed in history. It is developed by NSO Group, an Israeli surveillance firm. It has the capability to infect billions of phones globally. Pegasus is capable of reaching target’s phone via multiple routes.


When was it first discovered?

The first and the earlier version of Pegasus was discovered in 2016, which used the technology of spear-phishing-text messages/emails, tricking the target population through a malicious link. 


How Does it Work?Which information may be compromised?

Once it is installed in a target’s phone, it can turn it into a 24-hour surveillance device. It is capable of the following:

  • Copying your messages, 
  • Harvest WhatsApp chats.
  • Access your photos,
  • Record your calls,
  • Extract any file, 
  • Secretly film you through phone’s camera, 
  • Record your conversations by activating the microphone, 
  • Extract your past and present location, etc.

All without the target noticing it.


How it came into limelight?


August 2016 : The Citizen Lab, interdisciplinary laboratory, University of Toronto, reported the existence of Pegasus. It reported the existence to Lookout, a cyber security firm. Later, both flagged threat to Apple


April 2017 : Google and Lookout made public the details of the Android version of Pegasus.


October 2019 : Amnesty International documented the use of network injections which enabled the attackers to install the spyware without requiring any interaction by the target.


October 2019 : WhatsApp revealed the involvement of NSO’s software in sending of malware to more than 1,400 phones by exploiting a zero-day vulnerability.


November 2019 : A New York City based reported photographed an interception device, placed at the back of a van at Milipol trade show in Paris.


December 2020 : Citizen Lab report reported how Pegasus was used by to hack 37 phones, owned by   producers, executives, journalists, and anchors at Al Jazeera and Al Araby TV.




Difference between the then and now Pegasus.

The earlier version of Pegasus used spear phishing method in which a malicious link is embedded in a message customized to entice the target to click. 


Whereas, the recent version uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.


Different ways in which Pegasus can be installed?

  • Pegasus uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.
  • One way is through over-the-air (OTA). The OTA sends a push message covertly which allows the installation of the spyware in the target device, with the target unaware of the installation.
  • Another way is through a WhatsApp call, the malicious spyware could be installed on the phone through a WhatsApp call, even if the target does not answers the call.
  • Pegasus can also be installed over a wireless transceiver located near a target.


What kind of devices can be attacked?

Pegasus spyware can be installed in any and all devices. But, Apple iPhones are termed to be the most vulnerable and targeted devices to be attacked by Pegasus through Apple’s iMessage application. 


Who are the potential targets and clients?


Although the NSO group did not reveal the names of the client countries but claimed to have about 60 clients from 40 countries . 


Following are the Potential targets to have been attacked by Pegasus:

  • Prominent business personalities,
  • Human rights defenders, 
  • Academics,
  • Journalists, 
  • Lawyers,
  • Doctors, 
  • World leaders, 
  • Politicians,
  • Diplomats ,
  • Heads of states, etc.


Personalities already attacked:

  • More than 600 politicians or government officials.
  • Arab royal family Members
  • About 70 business personalities
  • 200+ journalists
  • Emmanuel Macron, President of France,
  • South African President Cyril Ramaphosa
  • Imran Khan, Prime Minister of Pakistan.
  • Rahul Gandhi, Politician, India


Precautions to be taken:

Apparently, one can do nothing to prevent one’s device from getting compromised because Pegasus derives out a vulnerability in one’s phone through its operating system.


One may take following precautions to prevent the spyware:

  • The best way to prevent the attack is to keep your phone updated with the latest operating system and firewall.
  • Changing of headsets periodically, may reduce the risk of getting attacked.
  • Important phone calls and messages may be made through an handset with basic features of calling and messaging to reduce network interjections.
Labels:

Comments

Post a Comment

Popular posts from this blog

What is the 25th Amendment of US Constitution? How can it be used to remove Trump?

                      There are calls to impeach the President of the United States or to invoke 25th amendment  to remove the President from the office. The call to remove was taken after the supporters of Donald Trump stormed the US Capitol building. The US Capitol building houses both the US senate and the house of representative . Let us learn about the 25th amendment and how it can be used to remove Donald Trump WHAT IS THE 25th AMENDMENT? The 25th amendment of the US Constitution lays out the principles and ways to remove or replace the President and the Vice President of the United States. T he 25th amendment was an effort to resolve some of the continuing issues about the office of the president. This is what happens in the case of vacancy of the office and what is the course to follow if for some reason the the President becomes disabled to such a degree that he cannot fulfill his responsibili...
Post a Comment
Read more

US ELECTIONS 2020- WHEN AND WHY IS IT IMPORTANT?

As the US presidential elections are approaching, a question that arises in the mind of people is How are US election important for the world?  In this blog we will talk about the US ELECTIONS 2020  and also   try to find an answer to the aforementioned question . US ELECTIONS 2020 US is the world's largest economy , with GDP of 18 trillion dollars approximately and also a superior constituting one of the largest  military force in the world. Being, Worlds largest economy and a superpower, the US presidential elections are of utmost important for political , social and economical conditions of the society. The elections take place after every four years . When are US ELECTIONS 2020 going to take place? The 59th United States presidential elections are scheduled to take place on November 3, 2020. The voters will vote to select the presidential electors who then will  either elect   a new presiden t and vice-president or will re-elect the current presiden...
2 comments
Read more

Thai Protests- Why are Thai Students Protesting?

Students in Thailand are once again involved in a series of protest, this time against the government of the Prime Minister Prayut-Chan-Ocha demanding reforms in Thai monarchy .  Let us talk about the whole story behind these protests by Thai students.  Why are Thai students protesting?  The anti-government protests started last year after the banning of the most vocal party opposing the government by the court. After a pause during Coronavirus, the protesters once again came onto the streets in mid-jury demanding Prayuth's removal , new Constitution , and an end to harassments of activists . Some came up with a list of 10 demands supported by thousands. Protesters say the do not want an end to the monarchy, just some reforms but the conservatives are horrified by such attacks. What is lese majesty law? The  lese majesty law  states that the monarchy is protected by  section 112  of the penal code, which states that whoever defames, insults, threa...
Post a Comment
Read more