Mobile News

Pegasus spyware: what is it? How does it infect your phone? How can you check if your phone has been targeted?


Pegasus Spyware is a surveillance software created by the Israeli cyber intelligence agency NSO Group. The firm is known to create sophisticated software and technology for sale exclusively to law enforcement and intelligence agencies of trusted governments for the sole purpose of saving lives by preventing crime and terrorist attacks, the company claims. Pegasus is one such program that is designed to gain access to your phone without consent, collect personal and confidential information and deliver it to the user who is spying on you.

Pegasus Spyware: What Does It Do?

In accordance with KasperskyPegasus spyware can read victim’s SMS and emails, listen to calls, take screenshots, record keystrokes, and access contacts and browser history. Other report confirms that a hacker can hijack a phone’s microphone and camera, turning it into a real-time surveillance device. It’s also worth noting that Pegasus is a fairly complex and expensive piece of malware designed to spy on people of special interest, so the average user is unlikely to run into it.

Pegasus Spyware: When Was It First Discovered?

Pegasus spyware was first discovered in the iOS version in 2016, and then a slightly different version was discovered on Android. Kaspersky notes that SMS was one of the main infection schemes in the beginning. The victim received an SMS with a link. If a person clicks on it, their device becomes infected with spyware.

However, over the past half decade, Pegasus has evolved from a relatively primitive system based on social engineering to software that can hack a phone without the user having to click on a single link or what the cyber world likes to call zero. -click exploits.

Pegasus Spyware: How Does It Infect Your Phone?

Organized Crime and Corruption Reporting Project (OCCRP) reports that ultimately, as the public became more aware of these tactics and better at identifying malicious spam, a zero-click exploit solution was discovered. This method does not rely at all on the target doing anything for Pegasus to hack into their device. Zero-click exploits are based on bugs in popular apps like iMessage, WhatsApp, and FaceTime that retrieve and sort data, sometimes from unknown sources. Once a vulnerability is discovered, Pegasus can infiltrate the device using the application protocol. The user does not need to follow a link, read a message or answer a call – he may not even see a missed call or message.

“It connects to most messaging systems, including Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple’s built-in messaging and email apps, and more. With such a composition, it was possible to spy on almost the entire population of the world. The NSO is clearly offering “intelligence as a service,” said Timothy Summers, a former cyber engineer for one of the US intelligence agencies.


In addition to zero-click exploits, OCCRP reports another technique, called “network injection”, to invisibly access a target device. The target’s browsing of the web can expose them to attack without having to click on a specially designed malicious link. This approach involves waiting for the target to visit a website that is not fully secured during their normal online activity. As soon as they follow a link to an unsecured site, NSO Group software can access the phone and cause infection.

Amnesty International recently reported that NSO Group spyware has infected new iPhones such as the iPhone 11 and iPhone 12 through zero-click iMessage attacks. Spyware can mimic an app downloaded to an iPhone and transmit itself as push notifications through Apple’s servers. Thousands of iPhones have been potentially compromised by NSO spyware.

Kaspersky He speaks that Pegasus for Android does not rely on zero-day vulnerabilities. Instead, it uses a well-known rooting method called Framaroot. Another difference: if the iOS version fails to jailbreak the device, the entire attack fails, but with the Android version, even if the malware cannot gain the necessary root access to install the surveillance software, it will still try to directly request permission from the user. … he needs to extract at least some data.

Pegasus spyware: is there a way to tell if a phone has been jailbroken?

Amnesty International researchers have developed a tool to check if your phone has been targeted by spyware. The Mobile Verification Toolkit (MVT) is designed to help you determine if Pegasus has infected your device. While it works on both Android and iOS devices, it requires some command line knowledge to get it working right now. However, over time, MVT can get a graphical user interface (GUI).

Source link


Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button