Pegasus Spyware – Is it a curse to privacy?

What does Pegasus do, and what is its origin?

Pegasus is owned by NSO Group, a private foundation, and many leading countries believe it is the most powerful spyware ever created. It was coded to infiltrate the smartphones of target users, whether iOS or Android, and it converts personal devices into surveillance devices. It is the main product of NSO Group, which was founded by Niv Carmi, Shalev Hulio and Omri Lavie. The company, founded in 2010, is based in Herzliya, near Tel Aviv, Israel, and is a subsidiary of the Q Cyber Technologies group of companies.

What is the actual meaning of spyware?

Put simply, spyware is a category of software that aims to steal personal or organisational data without the consent of the host. Once spyware is successfully installed, it starts sending data from that computer or mobile device in the background to the third party controlling it. This third party can be any government or the NSO Group itself.

Pegasus can bypass your phone’s security and install malware that grants complete access to your device. It can access every message you’ve ever sent and received, every photo, video and email. It can turn on your microphone even when you’re not on a phone call and record what you’re doing in the room. It can turn on your camera, record what’s on your screen, and access your GPS to monitor your location. And it is able to do all of this without you ever knowing.

You may think you are safe using online chat apps like WhatsApp, owned by Facebook, or Signal, owned by Moxie Marlinspike and Brian Acton, which are famous for end-to-end encryption. That encryption becomes meaningless once Pegasus is on your phone, because the spyware reads messages on the device itself, where they are already decrypted. It is virtually undetectable, which makes it even more lethal.

History of Pegasus software:

  • To begin with the brief history of Pegasus, in 2016 the Canadian cybersecurity organisation The Citizen Lab encountered its first case on the smartphone of human rights activist Ahmed Mansoor.
  • In September 2018, The Citizen Lab published a report identifying 45 countries in which Pegasus was being used.
  • In 2019, WhatsApp exposed that journalists and human rights activists in India were under surveillance by operators using Pegasus.
  • The latest case of this spyware was found in India in July 2021: The Pegasus Project revealed that various governments used the software to spy on government officials, opposition politicians and many more eminent faces. Some records state that the Indian government used the software to spy on around 300 people between 2019 and 2021.

Is spying legal in India?

The laws governing surveillance in India are the Telegraph Act, 1885, which covers the interception of calls, and the Information Technology Act, 2000, which deals with the interception of data. Under both laws, only the government, under certain circumstances, is allowed to conduct surveillance. Moreover, hacking is illegal in India under the IT Act.

Is there any solution to save us from this cyber attack havoc?

Many cybersecurity experts state that a phone infiltrated by Pegasus might not recover completely; some traces can be found even after a strong factory reset.

However, they have suggested some preventive measures to avoid being infected with this software.

Open links only from trusted websites, contacts and sources while using your device.

Make sure your device is fully up to date with the latest patches and system/app updates.

Keep your device safe by limiting physical access. This can be done by applying a PIN, password, biometric lock or face lock.

Also avoid using open Wi-Fi or hotspots, as the host may steal your data from the network connection. If you must use them, a VPN is a safer option for protecting your information.

Keep a backup of your credentials and important documents, so that if your device is lost, stolen or broken you do not lose your data.

 

PEGASUS; a threat to privacy?

Pegasus is spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that current Pegasus software is able to exploit all recent iOS versions up to iOS 14.6. According to the Washington Post and other prominent media sources, Pegasus not only enables the keystroke monitoring of all communications from a phone (texts, emails, web searches) but it also enables phone call and location tracking, while also permitting NSO Group to hijack both the mobile phone’s microphone and camera, thus turning it into a constant surveillance device.

image source – TechChannel News

The company had previously been owned by American private equity firm Francisco Partners, then bought back by the founders in 2019. NSO states that it provides “authorized governments with technology that helps them combat terror and crime”, has published sections of contracts requiring customers to use its products only for criminal and national security investigations, and has stated that it has an industry-leading approach to human rights. The spyware is named after the mythical winged horse Pegasus: it is a Trojan horse that can be sent “flying through the air” to infect phones.

Pegasus was discovered in August 2018 after a failed attempt at installing it on an iPhone belonging to a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. As of 2016, Pegasus was capable of reading text messages, tracking calls, collecting passwords, tracking location, accessing the target device’s microphone and camera, and harvesting information from apps. News of the spyware caused significant media coverage. It was called the “most sophisticated” smartphone attack ever, and was the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.

How is it a threat?

The spyware can be installed on devices running certain versions of iOS, Apple’s mobile operating system, as well as some Android devices. Rather than being a specific exploit, Pegasus is a suite of exploits that uses many vulnerabilities in the system. Infection vectors include clicking links, the Photos app, the Apple Music app, and iMessage. Some of the exploits Pegasus uses are zero-click—that is, they can run without any interaction from the victim. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings, as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.

Pegasus hides itself as far as is possible and self-destructs in an attempt to eliminate evidence if unable to communicate with its command-and-control server for over 60 days, or if on the wrong device. Pegasus can also do this on command.

Recent buzz

Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack. The results of the forensic analysis show sequential correlations between the time and date a phone number was entered in the list and the beginning of surveillance. The gap usually ranges between a few minutes and a couple of hours.

11 phone numbers associated with a female employee of the Supreme Court of India and her immediate family, who accused the former Chief Justice of India, Ranjan Gogoi, of sexual harassment, are also allegedly found on a database, indicating the possibility of their phones being snooped on.

Records also indicate that phone numbers of some of the key political players in Karnataka appear to have been selected around the time when an intense power struggle was taking place between the Bharatiya Janata Party and the Janata Dal (Secular)-Congress-led state government in 2019.