Skip to main content

PEGASUS [EXPLAINED] - Why is it a threat to an individual's security?

 


WHAT IS PEGASUS?

Pegasus is one of the most powerful spyware ever developed in history. It is developed by NSO Group, an Israeli surveillance firm. It has the capability to infect billions of phones globally. Pegasus is capable of reaching target’s phone via multiple routes.


When was it first discovered?

The first and the earlier version of Pegasus was discovered in 2016, which used the technology of spear-phishing-text messages/emails, tricking the target population through a malicious link. 


How Does it Work?Which information may be compromised?

Once it is installed in a target’s phone, it can turn it into a 24-hour surveillance device. It is capable of the following:

  • Copying your messages, 
  • Harvest WhatsApp chats.
  • Access your photos,
  • Record your calls,
  • Extract any file, 
  • Secretly film you through phone’s camera, 
  • Record your conversations by activating the microphone, 
  • Extract your past and present location, etc.

All without the target noticing it.


How it came into limelight?


August 2016 : The Citizen Lab, interdisciplinary laboratory, University of Toronto, reported the existence of Pegasus. It reported the existence to Lookout, a cyber security firm. Later, both flagged threat to Apple


April 2017 : Google and Lookout made public the details of the Android version of Pegasus.


October 2019 : Amnesty International documented the use of network injections which enabled the attackers to install the spyware without requiring any interaction by the target.


October 2019 : WhatsApp revealed the involvement of NSO’s software in sending of malware to more than 1,400 phones by exploiting a zero-day vulnerability.


November 2019 : A New York City based reported photographed an interception device, placed at the back of a van at Milipol trade show in Paris.


December 2020 : Citizen Lab report reported how Pegasus was used by to hack 37 phones, owned by   producers, executives, journalists, and anchors at Al Jazeera and Al Araby TV.




Difference between the then and now Pegasus.

The earlier version of Pegasus used spear phishing method in which a malicious link is embedded in a message customized to entice the target to click. 


Whereas, the recent version uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.


Different ways in which Pegasus can be installed?

  • Pegasus uses the zero-click attacks , where the target’s phone can be hacked without any actions of the target.
  • One way is through over-the-air (OTA). The OTA sends a push message covertly which allows the installation of the spyware in the target device, with the target unaware of the installation.
  • Another way is through a WhatsApp call, the malicious spyware could be installed on the phone through a WhatsApp call, even if the target does not answers the call.
  • Pegasus can also be installed over a wireless transceiver located near a target.


What kind of devices can be attacked?

Pegasus spyware can be installed in any and all devices. But, Apple iPhones are termed to be the most vulnerable and targeted devices to be attacked by Pegasus through Apple’s iMessage application. 


Who are the potential targets and clients?


Although the NSO group did not reveal the names of the client countries but claimed to have about 60 clients from 40 countries . 


Following are the Potential targets to have been attacked by Pegasus:

  • Prominent business personalities,
  • Human rights defenders, 
  • Academics,
  • Journalists, 
  • Lawyers,
  • Doctors, 
  • World leaders, 
  • Politicians,
  • Diplomats ,
  • Heads of states, etc.


Personalities already attacked:

  • More than 600 politicians or government officials.
  • Arab royal family Members
  • About 70 business personalities
  • 200+ journalists
  • Emmanuel Macron, President of France,
  • South African President Cyril Ramaphosa
  • Imran Khan, Prime Minister of Pakistan.
  • Rahul Gandhi, Politician, India


Precautions to be taken:

Apparently, one can do nothing to prevent one’s device from getting compromised because Pegasus derives out a vulnerability in one’s phone through its operating system.


One may take following precautions to prevent the spyware:

  • The best way to prevent the attack is to keep your phone updated with the latest operating system and firewall.
  • Changing of headsets periodically, may reduce the risk of getting attacked.
  • Important phone calls and messages may be made through an handset with basic features of calling and messaging to reduce network interjections.
Labels:

Comments

Post a Comment

Popular posts from this blog

US ELECTIONS 2020- WHEN AND WHY IS IT IMPORTANT?

As the US presidential elections are approaching, a question that arises in the mind of people is How are US election important for the world?  In this blog we will talk about the US ELECTIONS 2020  and also   try to find an answer to the aforementioned question . US ELECTIONS 2020 US is the world's largest economy , with GDP of 18 trillion dollars approximately and also a superior constituting one of the largest  military force in the world. Being, Worlds largest economy and a superpower, the US presidential elections are of utmost important for political , social and economical conditions of the society. The elections take place after every four years . When are US ELECTIONS 2020 going to take place? The 59th United States presidential elections are scheduled to take place on November 3, 2020. The voters will vote to select the presidential electors who then will  either elect   a new presiden t and vice-president or will re-elect the current presiden...
2 comments
Read more

Is 100% cut-off justifiable?

As the admission season has   proliferated across the nation, major number of colleges have started releasing their cut off marks.  The admissions in Delhi University has once again touched the 100 per cent cut off marks for the undergraduate courses.   Let us now understand " what is a cut off?" and "I s 100% cut off justifiable?". What is a Cut off? A cut off mark is the minimum mark or percentage required for admission in a course or a college. Cut off varies for different exams and from exam to exam, it also varies with availability of vacancies and competitive level exams  . 100% cut off! Really? This year, the university’s admission process has been the highest with Lady Shri Ram College for Women setting 100% cut offs for three programmes ,  College of Vocational Studies and Indraprastha College for Women setting 100 per cent for the Computer Science program.  and a total of 30 programmes across all colleges have cut-offs of 99% or higher. The ke...
2 comments
Read more

Covid Vaccine- When can we expect one?

The world is facing the imbroglios Covid-19 from a long time now. Each and every person has the same question in mind that is "When will we get a Covid vaccination ?" . Let us try to find an answer to this question. What is a Vaccination? A vaccination is a kind of medicine which trains the immune system to fight a disease or germ. It prepares the body to make antigens or antibodies. A vaccination is generally administered through needles. A vaccine can take upto 10  years to develop and to be ready to use for public.  What are the different stages of vaccine development? A vaccine has to go through different stages before it is made available to the public. Pre-Clinical Trials: This research is done in the laboratories on cells and animals. Pre-clinical trials indicates about the efficiency and safety of the vaccine. Phase I trials: In this phase, r esearchers monitors the kidney, liver, hormone and cardiac functions to look for adverse affects in human volunteers.It take...
1 comment
Read more