Developed by Israel Cyber ​​Intelligence NSO Group – known for its expertise in creating special cyber weapons – Pegasus is a very sophisticated supervision tool.
Attention is widespread in 2019 when WhatsApp tells us the user that spyware has compromised their phone.
Whatsapp, Amnesty International and others demanded NSO in the US 2019, but Pegasus was reportedly used in early 2016, when the iPhone Activist Arab human rights was hacked.
In a few days, Apple released an iOS update reportedly patching the vulnerability targeted by Pegasus.
Pegasus is in the midst of massive controversy with international media collaboration that reports an unknown agent may target journalists and others to supervise him.
Among 50,000 telephone numbers found on potential lists for supervision, 40 are Indian journalists.
Who has access and what is used? Some reports say Pegasus is used for supervision based on institutions throughout the country, but there is no clarity in which specific agents where the country uses it.
Investigation by Amnesty International and French Media Groups Forbidden Stories have found that while most NSO servers are in Europe, three are located in India and are used as infrastructure attacks.
If NSO will be trusted, there is no nongemvernmental agency that has access to the software.
It is said to have 60 clients of government institutions in 40 countries, but have not named it.
And while whatsapp and others accused Pegasus is spyware, NSO maintains it selling software “for the purpose of saving lives through preventing crime and terror.” “NSO does not operate the system and has no visibility of data.
Our technology is used every day to break the pedophile ring, sex and drug trafficking rings, placing lost and kidnapped children,” read NSO statements.
How is the cellphone hacked? Pegasus’ USP is its ability to attack the phone without clicks from targeted users.
Organized crime and corruption reporting projects (OCCRP) said the previous version requires active target participation.
Pegasus operators send text messages containing malicious links, which if clicked will open a malicious webpage to download and run malware.
But when people get better in finding a dangerous spam, the use of ‘zero click exploitation’ starts.
Zero-click exploitation Use bugs in popular applications such as iMessage, WhatsApp, and FaceTime, all of which accept and sort data, sometimes from unknown sources.
“After the vulnerability is found, Pegasus can infiltrate the device using the application protocol.
Users do not need to click on the link, read messages, or answer calls – they may not even see missed calls or messages,” OCCRP said.
Timothy Summers, a former cyber engineer at the US intelligence agency, described Pegasus as an unpleasant software.
“It associates most messaging systems including Gmail, Facebook, WhatsApp, FaceTime, Viber, Wechat, Telegram, Apple’s built-in messages and email applications, and others.
With a line-up like this, someone can spy on almost all of the world’s population .
It is clear that NSO offers as-a-service intelligence, “Summers has told reporters.
What type of supervision? Basically, Pegasus can spy on every aspect of the target life, the researchers from the Cybersky Kaspersky company said.
This is a modular malware – after scanning the target device, it installs the module needed to read messages and user letters, listen to calls, capture screenshot, pressed buttons, removing browser history, contacts, etc.
“Pegasus can even listen to encrypted audio streaming and read encrypted messages – thanks to keylogging and audio recording capabilities, steal messages before encrypted (and, for coming in, after decryption),” added Kaspersky.