What is Pegasus Spyware and How does it Hack Phones
Pegasus, developed by Israeli cybersecurity firm NSO Group, is highly sophisticated spyware that has been dubbed “the most sophisticated smartphone attack ever.” It was first noticed in 2016, but created a lot of buzz in late 2019 when it was revealed that the spyware was being used to spy on journalists and human rights activists across the world, including India. .
Now it’s in the news because on Sunday night a number of news websites including the Washington Post and the Guardian claimed more than 10 governments were using this spyware to spy on journalists, activists and other key media figures. In India, according to reports, more than 40 journalists were under surveillance using Pegasus.
What is Pegasus Spyware?
Developed by NSO Group Technologies, an Israeli cybersecurity company, Pegasus is a program that allows the controller (a person who injected the spyware) to access the infected smartphone’s microphone, camera, and even access messages, to emails and collect location data too. According to a report, Pegasus even allows you to listen to encrypted audio streams and play encrypted messages. Basically the hacker has access to the whole phone.
According to the NSO Group, the program has only been sold to approved government agencies and is intended to combat terrorism and crime. The report also mentions that Pegasus was discovered in 2017 thanks to Ahmed Mansoor, a human rights activist from the United Arab Emirates, who was one of his targets. He received several text messages which he said contained malicious links, then took his phone to cybersecurity experts at Citizen Lab who, with the help of another cybersecurity firm Lookout, discovered it was wrong. was spyware (later dubbed Pegasus).
However, the origin of spyware dates back to 2016. It affects both Android and iOS devices.
How is Pegasus installed on a phone?
Pegasus was originally used to access a phone through a malicious web link via message or email. Once a user clicked on the link, Pegasus would be installed on the phone. But then spyware gained new capabilities as well. The researchers found that it could even be installed on the phone with just one missed WhatsApp call.
Additionally, once Pegasus had access to the device, he could delete all call logs, making it virtually impossible for the victim to know that their phone was the target of spyware.
How Do You Know If You Have Been Affected?
Pegasus spyware is almost impossible to detect. According to a Financial Times report, a phone can get infected with Pegasus just by calling it through WhatsApp. The user doesn’t even need to take the call and the phone will still be infected. You can also send it by email and SMS.
Pegasus is sophisticated spyware with anti-legal and self-destruct features. This makes it difficult to detect. Even if it is uninstalled later, it leaves no trace and there is no way to know if the device has been affected. Your phone does not show any lag or visible signs when it has been infected with Pegasus.
Since WhatsApp filed a complaint against NSO Group, it has also emerged that the Facebook-owned messaging platform has information on the affected users, although it has not confirmed exactly how many users are affected. .
Should you worry about Pegasus?
Not really. There are two reasons for this. Although you should – and still should – be concerned about digital privacy.
One, Pegasus is old spyware now. It has been the subject of extensive research and companies like WhatsApp, Apple, Google, Microsoft and others have fixed security holes in their software that previously allowed Pegasus to do its job. Unfortunately, that doesn’t mean that there aren’t new variants of Pegasus. It is possible that newer variants of Pegasus or some similar spyware are still powerful.
But you still shouldn’t worry because Pegasus or something like Pegasus is a targeted surveillance tool. It is expensive to buy – think millions of dollars and requires sophisticated handling – and is therefore likely to be used only by large organizations and governments. At one point, these tools are only meant to be used against hundreds or thousands of people. Or even less. In other words, Pegasus-like software is primarily used against journalists, lawyers, top business leaders, politicians, and people who may have access to top secret information. If you’re not one of them, chances are you or your phone won’t come across something like Pegasus.
What to Do If Your Phone Is Affected by Pegasus?
Many security experts and analysts have stated that the only way to get rid of Pegasus completely is to throw away the affected phone. After you’ve replaced the device, make sure all the apps you install are up to date and have the latest software.
According to Citizen Lab, even a factory data reset on the phone does not remove the Pegasus spyware. It allows attackers to continue to access your online accounts even after your device is no longer infected. In order to keep your online accounts safe, you should also change the passwords for any cloud-based apps and services that you were using on the infected device.
Prevention better than cure
Although removal of a Pegasus infection may not be successful without data loss. There are steps a user can take to prevent or at least reduce the impact of a malware or spyware infection. Here is a list:
- Never open links, download or open files sent from an unknown source
- Disable push SMS in your device settings
- If you have an iPhone, don’t jailbreak it yourself to bypass restrictions
- Always install software updates and patches on time
- Turn off Wi-Fi, Bluetooth, and location services when you’re not using them
- Encrypt all sensitive data located on your phone
- Regularly back up your files to physical storage
- Don’t blindly approve app permission requests