Why the Sudden Limelight?
Pegasus Software, developed by Israel’s NSO Group, has recently been trending in the news after being exposed to a data leak. Around 50,000 phone numbers that belong to people have been targeted by NSO’s clients since 2016.
An international group of reporters conducted a study, labeled Pegasus Project, which uncovered the widest-known use of the Pegasus spyware yet. Several activists, journalists, and politicians around the world have been found spied on using this Israelian cell phone malware. The revelation sparked fears of privacy violations and abuse of rights across the world.
What is Pegasus?
Pegasus is a malware classified as spyware generally used by intelligence agencies as a highly sophisticated surveillance software. It can easily infiltrate iOS, Apple’s mobile phone operating system, and Android devices.
Once this spyware worms into your device, it acts as a 24- hour surveillance system and can copy your sent or received messages, harvest your photos and record all your calls. Pegasus also monitors the keystrokes on an infected device. Hence, all written communications and web searches, passwords are recorded and returned to the client.
In addition to this, there is a threat of spyware filming secretly through your phone camera. It may also activate your microphone to record your conversations with people around you. The spyware is also capable of pinpointing your exact location to the client.
How did Pegasus work before?
Back in 2016, Pegasus employed spear-phishing to infect the target’s device. The technique involved Pegasus operators sending text messages containing a malicious link to their target’s phone. If the target clicked, a malicious page would open on their web browser to download and execute the malware, thus infecting the device.
Clients would send spam messages to frustrate the target, then send another telling them to click on the link to stop receiving the spam. Social engineering techniques helped increase the likelihood of clicks by manipulating targets into clicking the embedded link in messages designed to appeal to their fears or interests.
Messages may be news of interest to the target, promotional activities such as heavily discounted products on e-commerce platforms, etc.
Such attacks are comparatively ineffective now with increasing awareness of cybersecurity among individuals.
Pegasus took a more subtle approach to solve this. This approach involves zero-click exploits.
Pegasus – Infecting by implementing zero-click attacks
Pegasus spyware now adopts the zero-clicks exploit approach. It eliminates the need for human errors to compromise a device. Instead, it relies on software or hardware flaws to gain complete access to a device.
A zero-click attack is a remote cyberattack that does not require any interaction from the target to compromise it. It does not need the target clicking on a malicious website or an app.
Zero-click exploits rely on bugs in popular apps like iMessage, WhatsApp, and FaceTime. All of these apps receive and sort data, sometimes from unknown sources.
Pegasus infiltrates a device using the protocol of the app once a vulnerability is detected. The user does not have to click on a link, read a message, or answer a call. These kinds of attacks overcome the chance of targets bypassing social engineering tactics. There is a nearly 100% probability of infecting the target device.
Pegasus has more control over the phone than the owner after infecting the device. The reason being the spyware gains root-level privileges in the device. After this, it can view everything from contact lists to messages and internet browsing history and send them to the attacker.
NSO Group generally uses servers managed by cloud-computing providers like Amazon Web Services to deliver Pegasus to phones.
The spyware recently came under the radar of the Government of India after reports emerged that it had leaked sensitive data of the cabinet ministers, opposition leaders, and journalists amidst others.
Of the 1,000 numbers identified in the 50,000, about 300 belong to Indians.
According to The Wire, this list includes three major opposition figures, one constitutional authority, two serving ministers in the Narendra Modi Government, 38 journalists, former heads and officials of security organizations, and several influential business personalities.
The target list includes opposition party leader Rahul Gandhi, poll strategist Prashant Kishor, and former Chief Justice Ranjan Gogoi.
The Ministry of Electronics and Information technology dismissed allegations of using Pegasus for illegal surveillance in the country.
Further information is still to be found and unveiled. Pegasus is well onto the path of becoming the most widely discussed topic all around the world.
Click on the link given below to read more about ‘The Pegasus Project’.
According to The Guardian: https://www.theguardian.com/news/series/pegasus-project
ALL IMAGES BELONG TO THEIR RESPECTIVE OWNERS.