Pegasus, a Spyware That Can Gather Intel on Anyone

A short story of malware made by an Israeli company, designed to spy primarily on smartphones — with no footprints detected.

Ramadhani Baharzah
Jan 2, 2022

Before we get to Pegasus, here is a short brief on spyware. Spyware is a type of malicious software, or malware, that can be installed on a computing device without the user’s approval. Once a device is infected, the spyware steals sensitive information and internet usage data and relays it to advertisers, data firms, or external users.


In the last decade, the cybersecurity world has been buzzing about Pegasus, a revolutionary spying tool that can gather intel on anyone. What is worth knowing about this spyware? How can we become its victims, and how can we protect ourselves from it?

The US said it had ‘reasonable cause to believe … [NSO] has been involved in activities contrary to the foreign policy and national security interests of the US.’ Photograph: Joel Saget/AFP/Getty Images

Pegasus: how did it all start, and what was its original purpose?

Pegasus originated in 2013 and was discovered in 2016. It is created and distributed by the Israeli company NSO Group and is designed to spy primarily on smartphones. When it first appeared, the manufacturer gave assurances that Pegasus was available only to services fighting crime and terrorism, but over time this has been proven to be far from the truth.

After the abuse was proven, an international investigation was held, led among others by Amnesty International. The spyware is known to have been purchased in recent years by services from about 50 countries and was used to eavesdrop on a total of 50,000 victims, among them journalists, activists, and lawyers inconvenient for the government. In addition, the target list included numbers of businessmen, spiritual leaders, academics, NGO activists, and government officials (even prime ministers and ministers).

The Pegasus spyware is characterized by being powerful and leaving no footprints on the victim’s phone. It is probably the most discreet and easiest to use mobile device surveillance program.

How Does Pegasus Work, and Can It Be Detected on an Infected Device?

According to an article published by Codex, several Pegasus attack vectors are known. The first is a crafted link in an SMS or email message that connects the device to a server containing Pegasus and infects the operating system. The Trojan can also be downloaded unintentionally by visiting a crafted website that downloads unwanted software to the phone in the background.

The next two ways of attack do not require user participation and the software installs itself automatically. The phone can be infected through a link in a messenger or SMS message that will be displayed in the app notification (the user does not have to open the link or view the message) or through a special incoming call that will force the installation of Pegasus even if the phone is not answered.

Pegasus can copy the entire contents of the spied-on device (including files, messages, passwords, SMS, emails, contact lists, web browsing addresses, location, call history and data of any applications), intercept phone calls, interrupt the installation of software updates and bypass the security of applications that encrypt data.


How do we protect ourselves from Pegasus?

If our device is infected, we will have no idea about it. Pegasus runs unnoticed in the background without causing any visible changes. So how can we protect ourselves against this software?

First of all, let’s avoid clicking on links from strangers. This does not fully eliminate the risk of infection, but it does reduce it somewhat.

Recently, dedicated programmers created a tool that helps users analyze their phones for infection with this spyware. The tool is called MVT (Mobile Verification Toolkit). However, it requires at least an average knowledge of computer science. If you have friends or family with that knowledge, just ask them.
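Forensic checks of this kind generally rest on comparing data extracted from the phone against published indicators of compromise. The Python below is an added example (not part of the original article and not MVT's own code) that applies that idea to the SMS-link vector described earlier; the messages, indicator domains and function names are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholder indicators (reserved TLDs), not real Pegasus infrastructure.
INDICATOR_DOMAINS = {"bad-redirect.example", "tracker.invalid"}

# Constructed sample of exported SMS records: (sender, text).
SAMPLE_MESSAGES = [
    ("+10000000001", "Your parcel is waiting: https://post.bad-redirect.example/t/9f3a"),
    ("+10000000002", "Lunch at 12? Menu here http://cafe.example.org/menu"),
    ("+10000000003", "New details: HTTP://TRACKER.INVALID./x?id=1 please read"),
    ("+10000000004", "More at https://notbad-redirect.example/info"),
]

URL_RE = re.compile(r"\bhttps?://[^\s<>\"']+", re.IGNORECASE)

def normalize_host(url):
    """Return the lowercase hostname without a trailing dot, or None."""
    try:
        host = urlsplit(url).hostname
    except ValueError:
        return None
    return host.rstrip(".").lower() if host else None

def matches_indicator(host, indicators):
    """Return the indicator matching the host or one of its parent domains."""
    labels = host.split(".")
    for i in range(len(labels) - 1):  # stop before the bare TLD
        candidate = ".".join(labels[i:])
        if candidate in indicators:
            return candidate
    return None

def scan_messages(messages, indicators):
    """Collect every link in the messages whose host matches an indicator."""
    hits = []
    for sender, text in messages:
        for url in URL_RE.findall(text):
            host = normalize_host(url)
            matched = matches_indicator(host, indicators) if host else None
            if matched:
                hits.append({"sender": sender, "url": url, "indicator": matched})
    return hits

if __name__ == "__main__":
    for hit in scan_messages(SAMPLE_MESSAGES, INDICATOR_DOMAINS):
        print(f"{hit['sender']}: {hit['url']} matches {hit['indicator']}")
```

Matching on whole domain labels rather than substrings is what keeps the fourth message, whose host merely contains an indicator string, from being flagged.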

First detection of Pegasus software

According to this article, Pegasus came to light in 2016, when specialists at Citizen Lab, a Canadian lab dedicated to research and development at the intersection of cybersecurity, global security, and human rights, among other things, discovered traces of a certain Trojan that exploited vulnerabilities in Apple hardware to circumvent iOS security and install spyware on devices.

The victim of the attack was supposed to be Ahmed Mansoor, a human rights activist in the United Arab Emirates, who received a text message with a link that allegedly contained information about torture in Emirati prisons.

The attack failed because Mansoor, instead of opening the link, asked the aforementioned Citizen Lab to analyze it. The result of the analysis was the discovery of Pegasus, which the link in the message led to and which, if opened, would have been installed on the activist’s phone.

What devices can be tracked?

The software manual, which appeared online in the last weeks of 2019, shows that the Pegasus system works on devices running Android and iOS, but also on BlackBerry and Symbian operating systems.

This means that not only smartphones but also tablets are targeted, and that even owners of some old Nokia devices from 20 years ago (although there are probably only a handful of those) could be exposed to this malware.

The devices most vulnerable to tracking are those that are not updated and run outdated software, so it is always a good idea to keep them on the latest version, especially since manufacturers of both phones and operating systems are developing patches for Pegasus protection as well.

Closing

We need to remember that Pegasus is commercial software, which means it can be purchased by anyone who has money. According to researchers, the price for a license to infect one person with Pegasus is about $25,000.

It should also be added that Pegasus is not the only surveillance software. So we should take care of our data to at least try to reduce the chances of our mobile devices being infected.
