Pegasus Spyware – Is it a curse to privacy?

What does Pegasus do and what is its origin?

Pegasus is owned by NSO Group, a private foundation, and many leading countries believe it is the most powerful spyware ever created. It was coded to infiltrate the smartphones of target users, whether iOS or Android, and to convert personal devices into surveillance devices. It is the main product of NSO Group, which was founded in 2010 by Niv Carmi, Shalev Hulio and Omri Lavie. The company is based in Herzliya, near Tel Aviv, Israel, and is a subsidiary of the Q Cyber Technologies group of companies.

What does spyware actually mean?

Put simply, spyware is a category of software that aims to steal personal or organisational data without the consent of the host. Once spyware is successfully installed, it starts sending data from that computer or mobile device, in the background, to the third party controlling it. This third party can be any government or NSO Group itself.

Pegasus can bypass your phone’s security and install malware that grants complete access to your device. It can access every message you’ve ever sent and received, every photo, video and email. It can turn on your microphone, even when you’re not on a phone call, and record what you’re doing in the room. It can turn on your camera, record what’s on your screen, access your GPS and monitor your location. And it is able to do all of this without you ever knowing.

You may be using chat apps such as WhatsApp, owned by Facebook, or Signal, owned by Moxie Marlinspike and Brian Acton, which are famous for end-to-end encryption, but that encryption becomes meaningless once Pegasus is on your phone, because the spyware reads messages on the device itself, where they are already decrypted. It is virtually undetectable, which makes it even more lethal.

History of Pegasus software:

  • In 2016, the Canadian cybersecurity organisation The Citizen Lab encountered its first case, on the smartphone of human rights activist Ahmed Mansoor.
  • In September 2018, The Citizen Lab published a report identifying 45 countries in which Pegasus was being used.
  • In 2019, WhatsApp disclosed that journalists and human rights activists in India were under surveillance by operators using Pegasus.
  • The latest case of this spyware was found in India in July 2021, when The Pegasus Project revealed that various governments used the software to spy on government officials, opposition politicians and many more eminent faces. Some records state that the Indian government used the software to spy on around 300 people between 2019 and 2021.

Is spying legal in India?

The laws governing surveillance in India are the Telegraph Act, 1885, which covers the interception of calls, and the Information Technology Act, 2000, which deals with the interception of data. Under both laws, only the government, under certain circumstances, is allowed to conduct surveillance. Moreover, hacking is illegal in India under the IT Act.

Is there any solution to save us from this cyber attack havoc?

Many cybersecurity experts state that a phone infiltrated by Pegasus might not be able to recover completely; some traces can be found even after a strong factory reset.

They have, however, suggested some preventive measures to avoid being infected by this software:

  • Open links only from trusted websites, contacts and sources while using your device.
  • Make sure that your device is fully updated with the latest patches and system/app updates.
  • Keep your device safe by limiting physical access, using a PIN, password, biometric lock or face lock.
  • Avoid using open Wi-Fi or hotspots, as the host may steal your data from the network connection. If you do use them, a VPN is a safer option to protect your information.
  • Keep a backup of your credentials and important documents, so that if your device is lost, stolen or broken you will not lose your data.

Understanding Pegasus

How would you feel if someone told you that you are being tapped 24/7, that someone is reading all your messages, accessing all your private data and recording you? Pretty sure everyone would be spooked. This is what the Pegasus Project of Amnesty International claims.

What is Pegasus?

The name Pegasus is derived from Greek mythology, where it is a white horse with wings. But today Pegasus is a dangerous virus which can access your phone, steal your data and sell it to someone else. For this virus to enter your phone, you don’t have to click on any links; just a missed call is enough to infiltrate your phone.

Who developed this spyware and why?

This spyware was developed by NSO, an Israeli cyberarms firm. The actual motive behind it was to track down terrorists and criminals. The software is only sold to governments. The Mexican government confirmed that it used Pegasus spyware to capture Mexican drug lord El Chapo.

What is the cost of installing this software?

Over half a million dollars, i.e. over 3.5 crore rupees, as an installation fee, and almost $650,000, i.e. almost 5 crore rupees, to spy on just 10 Android or iPhone users, plus hundreds of thousands of dollars more for additional surveillance targets.

What is its relevance today?

Amnesty International, with many others, carried out the Pegasus Project and alleged that many governments have been using this spyware to illegally tap their citizens. They listed 50,000 phone numbers which Pegasus infiltrated, or tried to, or which are its potential targets. The list includes many well-known political leaders, media houses, journalists, lawyers and scholars. France’s President Macron changed his phone once his name was on the list.

The project alleged that countries like Togo, Rwanda, Morocco, Saudi Arabia, Bahrain, UAE, Azerbaijan, Kazakhstan, Mexico, Hungary and India have used this spyware to spy on their citizens. It is important to note that the report clearly states that just because a number appears on the list, it doesn’t mean that the phone was attacked; it is only a suspicion. Many countries have already started investigations.

Though this project has not been proved right yet, this is a serious issue that needs to be addressed. It is terrifying just to know that such software even exists.

PEGASUS: a threat to privacy?

Pegasus is spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that current Pegasus software is able to exploit all recent iOS versions up to iOS 14.6. According to the Washington Post and other prominent media sources, Pegasus not only enables the keystroke monitoring of all communications from a phone (texts, emails, web searches) but it also enables phone call and location tracking, while also permitting NSO Group to hijack both the mobile phone’s microphone and camera, thus turning it into a constant surveillance device.


The company had previously been owned by American private equity firm Francisco Partners, then bought back by the founders in 2019. NSO states that it provides “authorized governments with technology that helps them combat terror and crime”, has published sections of contracts requiring customers only to use its products for criminal and national security investigations, and has stated that it has an industry-leading approach to human rights. The spyware is named after the mythical winged horse Pegasus—it is a Trojan horse that can be sent “flying through the air” to infect phones.

Pegasus was discovered in August 2018 after a failed attempt at installing it on an iPhone belonging to a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. As of 2016, Pegasus was capable of reading text messages, tracking calls, collecting passwords, tracking location, accessing the target device’s microphone and camera, and harvesting information from apps. News of the spyware received significant media coverage. It was called the “most sophisticated” smartphone attack ever, and was the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.

How is it a threat ?

The spyware can be installed on devices running certain versions of iOS, Apple’s mobile operating system, as well as some Android devices. Rather than being a specific exploit, Pegasus is a suite of exploits that uses many vulnerabilities in the system. Infection vectors include clicking links, the Photos app, the Apple Music app, and iMessage. Some of the exploits Pegasus uses are zero-click—that is, they can run without any interaction from the victim. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings, as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.

Pegasus hides itself as far as is possible and self-destructs in an attempt to eliminate evidence if unable to communicate with its command-and-control server for over 60 days, or if on the wrong device. Pegasus can also do this on command.

Recent buzz

Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack. The results of the forensic analysis show sequential correlations between the time and date a phone number was entered in the list and the beginning of surveillance. The gap usually ranges between a few minutes and a couple of hours.

11 phone numbers associated with a female employee of the Supreme Court of India and her immediate family, who accused the former Chief Justice of India, Ranjan Gogoi, of sexual harassment, were also allegedly found on a database, indicating the possibility of their phones being snooped on.

Records also indicate that phone numbers of some of the key political players in Karnataka appear to have been selected around the time when an intense power struggle was taking place between the Bharatiya Janata Party and the Janata Dal (Secular)-Congress-led state government in 2019.

The Pegasus spyware hack reveals that Apple needs to substantially improve iPhone security.

Apple has always been proud of the secure service it provides to its customers. It often pokes fun at Android, speaks at length about privacy during keynotes, and has released a few features that have irritated the other Big Tech companies. However, the new Pegasus spyware disclosure has left Apple red-faced, indicating that the Cupertino-based tech company has to beef up its security. Journalists and human rights campaigners from all around the world, including India, were targeted by the malware.

The Amnesty International Security Lab discovered evidence of Pegasus infections or attempted infections in 37 of the total 67 cellphones examined. 34 of them were iPhones, with 23 displaying evidence of a successful Pegasus infection and the other 11 displaying signs of an attempted infection.

Only three of the 15 Android cellphones, on the other hand, revealed signs of a hacking effort. However, there are two things to consider before assuming that Android phones are safer than iPhones. One, Amnesty’s investigators confirmed that Pegasus evidence was located on the iPhone more than anywhere else; Android’s logs aren’t large enough to retain all of the data required for decisive findings. Two, people have greater security expectations of the iPhone.

Apple has often said in previous years that the iPhone is a more secure phone than Android, and this assertion holds whether Pegasus is there or not. However, the Pegasus tale demonstrates that the iPhone is not as secure, or rather unhackable, as Apple claims. This is reflected in Amnesty International’s statement.

The issue is especially concerning because it affected even the most recent iPhone 12 devices running the most recent version of Apple’s operating system. That’s usually the best and last level of protection a smartphone maker can provide.

“Apple strongly opposes cyberattacks against journalists, human rights advocates, and anyone working to make the world a better place,” Ivan Krstic, head of Apple Security Engineering and Architecture, said in a statement to India Today Tech. “Apple has led the industry in security innovation for over a decade, and as a consequence, security experts believe that the iPhone is the safest and most secure consumer mobile device available. Such attacks are very complex, cost millions of dollars to create, have a short shelf life, and are used to target specific persons. While this means they pose no harm to the vast majority of our users, we continue to work diligently to secure all of our customers, and we’re always implementing additional safeguards for their devices and data.”

How did the iPhone’s security get hacked?

Pegasus zero-click attacks were used to hack the iPhones, according to the study. It claims that thousands of iPhones have been infected, but it cannot confirm the exact number of phones that have been affected. ‘Zero-click’ attacks, as the name implies, do not involve any activity from the phone’s user, giving an already strong virus even more potential. These attacks target software that accepts data without first determining whether or not it is trustworthy.

In November 2019, Google Project Zero security researcher Ian Beer uncovered a similar vulnerability, revealing that attackers could take total control of an iPhone within radio range without requiring any user input. Apple released a software update to remedy the problem but confessed that it was powerful enough to damage the devices.

Because zero-click attacks don’t involve any user interaction, avoiding them becomes extremely tough. Even if you are aware of phishing attempts and use the best online practices, you may still be targeted by this malware.

What does Pegasus have access to?

While there is data on who was impacted and how they were affected, no investigation has been able to uncover the data that was gathered. However, the possibilities are limitless. Pegasus may gather emails, call logs, social network posts, user passwords, contact lists, photos, videos, sound recordings, and browser history, among other things.

It can also turn on the cameras or microphones to acquire new photos and recordings. It can listen to voice mails and gather location records to figure out where a user has gone, and it can do all of this without the user accessing their phone or clicking on a strange link.