Is your phone at risk? : Pegasus Spyware
Spyware can capture keystrokes, intercept communications, track the device and use the camera and microphone to spy on the user
Author: Sheetal Mahajan
From a list of more than 50,000 phone numbers, journalists identified more than 1,000 people in 50 countries reportedly under surveillance using the Pegasus spyware. The software was developed by the Israeli company NSO Group and sold to government clients.
Among the reported targets of the spyware are journalists, politicians, government officials, chief executives and human rights activists.
Pegasus is the hacking software – or spyware – that is developed, marketed and licensed to governments around the world by the Israeli company NSO Group. It has the capability to infect billions of phones running either iOS or Android operating systems.
The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
There’s nothing particularly complicated about how the Pegasus spyware infects the phones of victims. The initial hack involves a crafted SMS or iMessage that provides a link to a website. If clicked, this link delivers malicious software that compromises the device.
The aim is to seize full control of the mobile device’s operating system, either by rooting (on Android devices) or jailbreaking (on Apple iOS devices).
Usually, rooting on an Android device is done by the user to install applications and games from non-supported app stores, or to re-enable functionality that was disabled by the manufacturer.
Apple devices are frequently updated to the latest iOS version via automatic patch installation. This helps improve security, but it also increases the value of finding a workable compromise of the latest iOS version, as that version will be running on a large proportion of devices globally.
On the other hand, Android devices are based on open-source concepts, so hardware manufacturers can adapt the operating system to add additional features or optimise performance. We typically see a large number of Android devices running a variety of versions — inevitably resulting in some unpatched and insecure devices (which is advantageous for cybercriminals).
“Things are becoming a lot more complicated for the targets to notice,” said Guarnieri, who explained that NSO clients had largely abandoned suspicious SMS messages for more subtle zero-click attacks.
For companies such as NSO, exploiting software that is either installed on devices by default, such as iMessage, or is very widely used, such as WhatsApp, is especially attractive, because it dramatically increases the number of mobile phones Pegasus can successfully attack.