Project Pegasus: Unfolding The Cyber Spy

Project Pegasus has been in the news for quite some time. It is an investigation into the Pegasus software in which 16 media institutions participated to expose the truth behind Pegasus. India is one of the countries whose name came up during the investigation. So what is Pegasus?

Pegasus is spying software developed by an Israeli technology firm, NSO. According to NSO, the software is used to hack into the phones of its targets and keep an eye on their every step. The data collected through this process can be sold to the government of a country and not to any individual or firm.

Pegasus recently became a hot topic not only in India but all around the world. It is not the first time Pegasus has been in the news. But why is it being highlighted now, in India and across the whole world?

Pegasus came into the news after an investigation was carried out by 16 media institutions from all around the world. This was initiated by a non-profit organisation from Paris along with Amnesty International. The project is called Project Pegasus.

Pegasus is known to infect the phone and can capture every single thing around the subject. It takes control over the phone and collects data about every single thing done by the subject. This software can be really useful to track down criminals and can be helpful to stop them. But is it really used for that?

The investigation in Project Pegasus revealed something else. It revealed over 50,000 names of people who were either being tracked or were people of interest for any future assignment. In India, a list of 300 people was released. The list contains the names of more than 40 journalists, 3 opposition leaders, and two serving ministers. The former and current heads of security organisations are also on this list. It is also said that a phone registered in the name of a serving judge of the Supreme Court is on the list.

There has been no statement by the Indian Government on the issue, and this can be problematic. It is not yet clear whether all the numbers in the list were hacked. This is concerning for privacy and for the fundamentals of democracy.

It can clearly be termed a misuse of power and can have a bad effect on citizens. It is really important to take strict action against it.

Understanding Pegasus

How would you feel if someone told you that you are being tapped 24/7, that someone is reading all your messages, accessing all your private data, and recording you? Pretty sure everyone would be spooked. This is what the Pegasus Project of Amnesty International claims.

What is Pegasus?

The name Pegasus is derived from Greek mythology, where it is a white horse with wings. But today Pegasus is a dangerous virus which can access your phone, steal your data and sell it to someone else. For this virus to enter your phone, you don't have to click on any links; just a missed call is enough to infiltrate your phone.

Who developed this spyware and why?

This spyware was developed by NSO, an Israeli cyber-arms firm. The actual motive behind it was to track down terrorists and criminals. This software is only sold to governments. The Mexican government confirmed that it used Pegasus spyware to capture the Mexican drug lord El Chapo.

What is the cost of installing this software?

Over half a million dollars, i.e. over 3.5 crore rupees, as installation fees, and almost $650,000, i.e. almost 5 crore, to spy on just 10 Android or iPhone users, and hundreds of thousands of dollars more for additional surveillance targets.

What is its relevance today?

Amnesty International, with many others, carried out the Pegasus Project and alleged that many governments have been using this spyware to illegally tap their citizens. They listed 50,000 phone numbers which Pegasus infiltrated, or tried to, or which are its potential targets. This list includes many known political leaders, media houses, journalists, lawyers and scholars. France's President Macron changed his phone after his name appeared on the list.

This project alleged that countries like Togo, Rwanda, Morocco, Saudi Arabia, Bahrain, UAE, Azerbaijan, Kazakhstan, Mexico, Hungary and India have used this spyware to spy on their citizens. It is important to note that the report clearly states that a number appearing on the list does not mean that the phone was attacked; it is only a suspicion. Many countries have already started investigations.

Though this project has not been proved right yet, this is a serious issue that needs to be addressed. It is terrifying just to know that such software even exists.

PEGASUS; a threat to privacy?

Pegasus is spyware developed by the Israeli cyber-arms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that current Pegasus software is able to exploit all recent iOS versions up to iOS 14.6. According to the Washington Post and other prominent media sources, Pegasus not only enables the keystroke monitoring of all communications from a phone (texts, emails, web searches) but it also enables phone call and location tracking, while also permitting NSO Group to hijack both the mobile phone’s microphone and camera, thus turning it into a constant surveillance device.

The company had previously been owned by American private equity firm Francisco Partners, then bought back by the founders in 2019. NSO states that it provides “authorized governments with technology that helps them combat terror and crime”, has published sections of contracts requiring customers only to use its products for criminal and national security investigations, and has stated that it has an industry-leading approach to human rights. The spyware is named after the mythical winged horse Pegasus—it is a Trojan horse that can be sent “flying through the air” to infect phones.

Pegasus was discovered in August 2018 after a failed attempt at installing it on an iPhone belonging to a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. As of 2016, Pegasus was capable of reading text messages, tracking calls, collecting passwords, tracking location, accessing the target device’s microphone and camera, and harvesting information from apps. News of the spyware caused significant media coverage. It was called the “most sophisticated” smartphone attack ever, and was the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.

How is it a threat?

The spyware can be installed on devices running certain versions of iOS, Apple’s mobile operating system, as well as some Android devices. Rather than being a specific exploit, Pegasus is a suite of exploits that uses many vulnerabilities in the system. Infection vectors include clicking links, the Photos app, the Apple Music app, and iMessage. Some of the exploits Pegasus uses are zero-click—that is, they can run without any interaction from the victim. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings, as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.

Pegasus hides itself as far as is possible and self-destructs in an attempt to eliminate evidence if unable to communicate with its command-and-control server for over 60 days, or if on the wrong device. Pegasus can also do this on command.

Recent buzz

Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack. The results of the forensic analysis show sequential correlations between the time and date a phone number was entered in the list and the beginning of surveillance. The gap usually ranges between a few minutes and a couple of hours.

11 phone numbers associated with a female employee of the Supreme Court of India and her immediate family, who accused the former Chief Justice of India, Ranjan Gogoi, of sexual harassment, were also allegedly found on a database, indicating the possibility of their phones being snooped on.

Records also indicate that phone numbers of some of the key political players in Karnataka appear to have been selected around the time when an intense power struggle was taking place between the Bharatiya Janata Party and the Janata Dal (Secular)-Congress-led state government in 2019.

The Pegasus spyware hack reveals that Apple needs to substantially improve iPhone security.

Apple has always been proud of the secure service it provides to its customers. It often pokes fun at Android, speaks at length about privacy during keynotes, and has released a few features that have irritated the other Big Tech companies. However, the new Pegasus spyware disclosure has left Apple red-faced, indicating that the Cupertino-based tech company has to beef up its security. Journalists and human rights campaigners from all around the world, including India, were targeted by the malware.

The Amnesty International Security Lab discovered evidence of Pegasus infections or attempted infections in 37 of the total 67 cellphones examined. 34 of them were iPhones, with 23 displaying evidence of a successful Pegasus infection and the other 11 displaying signs of an attempted infection.

Only three of the 15 Android cellphones, on the other hand, revealed signs of a hacking effort. However, there are two things to consider before assuming that Android phones are safer than iPhones. One, Amnesty’s investigators confirmed that Pegasus evidence was located on the iPhone more than anywhere else; Android’s logs aren’t large enough to retain all of the data required for decisive findings. Two, people have greater security expectations of the iPhone.

Apple has often said in previous years that the iPhone is a more secure phone than Android, and this assertion holds whether Pegasus is there or not. However, the Pegasus tale demonstrates that the iPhone is not as secure, or rather unhackable, as Apple claims. This is reflected in Amnesty International’s statement.

The issue is especially concerning because it affected even the most recent iPhone 12 devices running the most recent version of Apple’s operating system. That’s usually the best and last level of protection a smartphone maker can provide.

“Apple strongly opposes cyberattacks against journalists, human rights advocates, and anyone working to make the world a better place,” Ivan Krstic, head of Apple Security Engineering and Architecture, said in a statement to India Today Tech. “Apple has led the industry in security innovation for over a decade, and as a consequence, security experts believe that the iPhone is the safest and most secure consumer mobile device available. Such attacks are very complex, cost millions of dollars to create, have a short shelf life, and are used to target specific persons. While this means they pose no harm to the vast majority of our users, we continue to work diligently to secure all of our customers, and we’re always implementing additional safeguards for their devices and data.”

How did the iPhone’s security get hacked?

Pegasus zero-click attacks were used to hack the iPhones, according to the study. It claims that thousands of iPhones have been infected, but it cannot confirm the exact number of phones that have been affected. ‘Zero-click’ attacks, as the name implies, do not involve any activity from the phone’s user, giving an already strong virus even more potential. These attacks target software that accepts data without first determining whether or not it is trustworthy.

In November 2019, Google Project Zero security researcher Ian Beer uncovered a similar vulnerability, revealing that attackers could take total control of an iPhone within radio range without requiring any user input. Apple released a software update to remedy the problem but confessed that it was powerful enough to damage the devices.

Because zero-click attacks don’t involve any user interaction, avoiding them becomes extremely tough. Even if you are aware of phishing attempts and use the best online practices, you may still be targeted by this malware.

What does Pegasus have access to?

While there is some data on who was impacted and how they were affected, no investigation has been able to uncover the data that was gathered. However, the options are limitless. Pegasus may gather emails, call logs, social network posts, user passwords, contact lists, photos, videos, sound recordings, and browser history, among other things.

It also can turn on the cameras or microphones to acquire new photos and recordings. It can listen to voice mails and gather location records to figure out where a user has gone, and it can do all of this without the user accessing their phone or clicking on a strange link.

The Pegasus Project – democracy and need for internet laws.

In a shocking revelation, the Minister of Telecommunication, Government of India, faced questions on the Project Pegasus report, a piece of research on the Pegasus spyware that has been developed by the Israeli NSO for “vetted government clients” only. It can breach all Windows, Mac, Android and iOS security checks up to iOS 14.6.

The Forbidden Stories group and Amnesty International, with The Wire and the Washington Post, revealed that governments, politicians and journalists all over the world have been targeted, with more than 300 people in India alone being tracked regularly using the spyware. Allegedly, only 10 out of these 300 people had mobiles with conclusive or clear presence of the software. These 300 people, however, include journalists, politicians, cabinet ministers and a sitting Supreme Court judge. These numbers and cases are similar in countries like Mexico, Morocco, Saudi Arabia, the UAE, Bahrain, Rwanda, Azerbaijan and Hungary.

The first and foremost question ought to be raised against Israel and all governments that are using the spyware, for spyware is not how a democracy should work in theory. After all, little is left of “democracy” in most nations in the last decade. The second question is why there is an absence of data protection laws in most countries, including India, Pakistan and other South Asian nations, which house a large part of humanity. The third question is to be raised against the government in India, where an official allegedly replied to a question about the spyware by stating that all monitoring, interception and decryption is or shall be carried out as per a “due process of law”, which is ironic because there are no such laws in India.

Now, back to the questions that Mr Ashwini Vaishnav, Minister of Telecommunication, India, had to answer in the Parliament several hours ago. The minister outright denied any spyware, citing the Binoy Viswam vs RBI case in the Supreme Court, where the WhatsApp counsel denied any spyware involvement. However, this might actually be true, because the NSO has quite clearly used the term “vetted governments”. So, speaking per se, no private contractor is involved. However, this conclusion is only one way of seeing things. The author recommends personal discretion and further research, as the press conference against Pegasus took place only on the 18th of July 2021. The Minister also pointed out that the NSO uses data and that using data should not be equated to surveillance. He also added that surveillance is not possible in a country like India with so many checks and balances.

The author has no opinion that supports or opposes the answers Mr Vaishnav presented today. However, just as a note, surveillance is always illegal in any democracy. It is illegal in the US, and yet about 5 years ago, news of massive US surveillance across the globe was made public by leaked documents. Surveillance is almost always carried out by the Executive without intimating the legislature or the public. Many a time, even the ruling party is unaware of the realities of the state. What we as a democracy can do is establish stronger laws against the process and establish a more transparent mechanism to keep the executive in check.

Finally, this article is based only on the events that unfolded on the 18th of July 2021 and the immediate aftermath on the 19th of the same month. Let us await further investigations and reports to build any conclusive opinion about any institution. However, the need for stronger privacy laws is important anyways, irrespective of the type of state one lives in – especially in a democracy.

PEGASUS LEAK IN INDIA

Pegasus is a spyware program developed by the Israeli business NSO Group that may gather data from mobile phones. Simply put, it is a type of malware that infects iPhones and Android smartphones, allowing its users to extract texts, images, and emails, as well as record calls and covertly activate microphones.

Pegasus was found to be spying on roughly 50,000 phone numbers throughout the world, according to a worldwide investigation. Of these, 300 are confirmed Indian numbers. According to an investigation into a large data breach, authoritarian regimes have targeted human rights activists, journalists, and attorneys all around the world using hacking tools provided by the Israeli spy business NSO Group. In India, the phone numbers include those of members of the legal community, businesspeople, government officials, scientists and activists. According to The Wire, over 40 journalists, three major opposition figures, one constitutional authority, two serving ministers in the Narendra Modi government, current and former heads and officials of security organizations, and scores of businesspeople are among those in the database, and their names would soon be released in the upcoming days. Newspapers like The Guardian and The Washington Post, among others, released important facts showing the extent of what they dubbed “global surveillance operations” using Pegasus. The NSA whistleblower Edward Snowden tweeted on Sunday that this “spill” might be “the tale of the year.”

So basically, all we have to know is how Pegasus operates and how it actually works. After it is installed, it may collect data from emails, text messages such as SMS, WhatsApp conversations, phone records, contact lists, and GPS data and send it to the attacker. It can also activate a microphone, call recorder, and camera to provide the attacker with surveillance capabilities. Forensic examinations on certain phones linked to the target numbers found unmistakable indications of Pegasus malware targeting, a task made simpler by the fact that the device was an Apple iPhone.

However, the Israeli firm that distributes Pegasus, NSO Group, disputed the claims, stating that it only sells its spyware to “vetted countries.” Representatives said the business was “considering a defamation action” after allegations that it sold malware to intelligence, military, and law-enforcement organizations in 40 nations. On the other hand, the government of India also denied any involvement in the hacking, claiming that “the claims about government monitoring on individual people have no solid basis or truth linked with it whatsoever.” It also released a statement saying that in the past, similar accusations were made regarding the Indian State’s use of Pegasus on WhatsApp. In the Supreme Court, all parties, including WhatsApp, explicitly rejected the reports. It also said that this press release looks to be a similar fishing expedition, based on speculation and exaggeration in order to discredit India’s democracy and institutions.

Nevertheless, according to a few sources, journalists and human rights activists in India were reportedly targeted with Pegasus on Facebook-owned WhatsApp in 2019. This information was revealed in a lawsuit filed in a US court in San Francisco by WhatsApp.