Pegasus, an Israeli spyware hacks into your Whatsapp and is referred to as the “most sophisticated smartphone attack ever”. It is in news because on Sunday evening a number of news websites, including the Washington Post and the Guardian, claimed that over 10 governments are using this spyware to spy on journalists, activists and other key media personalities. In India, according to the reports, over 40 journalists were under surveillance using Pegasus.
It is worth noting that NSO Group has confirmed the existence of Pegasus. However, the Israeli company has also said that it sells the tools only to governments and that it is not responsible for its misuse.
So what is it exactly, how it works and what does it do? Read Here.
Pegasus is a spyware developed by Israeli cybersecurity firm NSO Group. It was first noticed in 2016 but created a lot of buzz in late 2019 when it was revealed that the spyware was used for snooping on journalists and human rights activists across the globe, including in India.
Earlier it was believed that Pegasus was targeting iPhone users. Several days after its discovery Apple released an updated version of iOS, which reportedly patched the security loophole that Pegasus was using to hack phones.
However, a year later, security researchers found that Pegasus was equally capable of infecting Android phones. More security patches and more information trickled. Then in 2019, Facebook filed a case against NSO Group for creating Pegasus. The security researchers at Facebook were chasing Pegasus across their systems, and they found that the software was used to infect several journalists and activists in India. This was also the time when WhatsApp told the affected Indian users about it through a message.
Pegasus gains access to a phone through a malicious web link through a message or email. Once a user clicked on the link, Pegasus would be installed on the phone. The spyware also has some new abilities. Researchers found that it could be even installed on the phone with just a missed WhatsApp call.
Moreover, once Pegasus had access to the device, it could delete any call logs, thus making it virtually impossible for the victim to know that their phone was a target by the spyware.
Once Pegasus is on a phone, it can potentially spy on the targeted user completely and thoroughly. Even encrypted chats like the ones made through WhatsApp were accessible to Pegasus. Security researchers have found that Pegasus can read messages, track calls, track user activity within apps, gather location data, access video cameras in a phone, or listen through their microphones.
Let’s be clear: We’re talking total surveillance. Pegasus is modular malware. After scanning the target’s device, it installs the necessary modules to read the user’s messages and mail, listen to calls, capture screenshots, log pressed keys, exfiltrate browser history, contacts, and so on and so forth. Basically, it can spy on every aspect of the target’s life. It’s also noteworthy that Pegasus could even listen to encrypted audio streams and read encrypted messages — thanks to its keylogging and audio recording capabilities, it was stealing messages before they were encrypted (and, for incoming messages, after decryption).
Several cybersecurity analysts and experts have pointed out that the only way to get completely rid of Pegasus is to discard the phone that has been affected. According to Citizen Lab, even factory resetting your smartphone will not be useful as it cannot get rid of the spyware completely.
The attackers can continue to access your online accounts even after your device is no longer infected. Thus, the only way to get rid of Pegasus completely is to discard the phone and to ensure that all the apps which you reinstall on your new phone are up to date.
In order to ensure your online accounts are safe, you should also change the passwords of all the cloud-based applications and services that you were using on the infected device.
The University of Kashmir has invited eligible candidates for a walk-in interview for filling the…
Social media platforms have become breeding grounds for fraudulent job scams, with scammers exploiting unemployed…
Jammu and Kashmir’s Lieutenant Governor Manoj Sinha Saturday said that he is personally monitoring the…
Police on Saturday arrested a fair shop dealer over alleged sexual harassment of a minor…
National Investigation Agency on Saturday morning attached the residential house of an accused in connection…
Pakistani Dr Shahnaz Laghari is the world’s first Hijabi female pilot who flew an aircraft…