First reported about in 2019, the Pegasus spyware is still one of the most chosen tools for “total surveillance”. India’s name has figured among countries that used Pegasus to potentially target politicians, journalists, and activists. Here’s all you need to know about it:
First reported about in 2019, the Pegasus spyware is still one of the most chosen tools for “total surveillance". India’s name has figured among countries that used Pegasus to potentially target politicians, journalists, and activists. Here’s all you need to know about it:
What is the Pegasus spyware?
Simply put, Pegasus is a malware that is used to spy on people. Its creator, Israeli security firm NSO Group, has said it only sells the tool to government agencies, which has led to speculation about them being behind the recent hacks. A document containing the product details of Pegasus was uploaded to document cloud by Claudio Guarnieri, head of security lab at Amnesty International, in 2019. It said Pegasus was designed for three things: collection of historic data on a device, continuous monitoring of activity, and transmission of this data to third parties. Security firm Kaspersky called it a tool for “total surveillance".
How does Pegasus infiltrate devices?
Pegasus is part of a tier called “zero click exploits" that do not require the victim to do anything. Instead, the spyware is designed to take advantage of bugs in popular apps, such as iMessage and WhatsApp, to infiltrate the system. WhatsApp patched the vulnerability Pegasus exploited in 2019, but bugs in other apps have been the most common method of infiltration that his team has seen since 2019, Guarnieri said. It can also use unsecured websites to infiltrate a device. These are called network injection attacks and also happen without the victim’s intervention. The device is infiltrated within milliseconds of visiting such a website.
What is the protection against Pegasus?
There’s nothing a victim can do once a device is infected, and Pegasus exploits previously unknown loopholes in apps, so devices can’t be protected by traditional means either. But best practices can be followed, like regularly updating apps, not visiting websites that don’t use the HTTPs protocol, and not clicking on unknown links or downloading unknown files.
Can anyone use Pegasus?
The NSO Group claims that the tool is only sold to government agencies, though there has been speculation that it has been accessed by others. A New York Times report from 2016 said infiltrating 10 iPhones with Pegasus would cost more than a million dollars, which means that few hackers or hacking groups would have access to such a tool. However, advanced persistent threat (APT) groups, which are usually backed by nation states or very large corporations, could gain such funding from their backers.
Are there more spyware like Pegasus?
Though Pegasus is NSO Group’s “flagship" product, it is not one of a kind. Milan-based Hacking Team also sells such tools to governments and corporations. Its RCSAndroid is a surveillance tool that used to be disguised as a news app on Google Play Store. The US National Security Agency’s Droupoutjeep is another such example, which was used to compromise iPhones. The Central Intelligence Agency once had a tool called Livestrong that was used to compromise devices running on Android 4.4 KitKat as was revealed by WikiLeaks.