Pegasus malware can read SMS and emails, listen to phone calls, take screenshots, record keystrokes, and access contacts and browser history.
NSO Group, an Israeli cyber intelligence business, developed Pegasus malware as a surveillance tool.
As claimed by the corporation, this firm is known for developing advanced software and technology for sale primarily to law enforcement and intelligence agencies of approved nations with the sole objective of saving lives by preventing crime and terror activities. Pegasus is one such piece of software designed to get unauthorized access to your phone, capture personal and sensitive data, and transfer it to the user who is spying on you.
What can Pegasus spyware do?
Pegasus spyware, according to Kaspersky, can read SMS messages and emails, listen to phone calls, grab screenshots, record keystrokes, and access contacts and browser history. A hacker may commandeer the phone’s microphone and camera, turning it into a real-time monitoring device, according to another claim. It’s also worth mentioning that Pegasus is a complex and expensive spyware meant to spy on specific individuals, so the typical user is unlikely to come across it.
When was Pegasus spyware originally discovered?
In 2016, Pegasus malware was discovered in an iOS version, followed by a somewhat different version on Android.
One of the main infection tactics in the early days, according to Kaspersky, was via SMS. An SMS with a link was sent to the victim. If the user clicks on it, the spyware is installed on their computer. Pegasus, on the other hand, has progressed from a rudimentary social engineering-based system to a piece of software that can infiltrate a phone without the user having to click on a single link, or what the cyber world refers to as zero-click vulnerabilities.
How can Pegasus spyware infect a phone?
According to the Organized Crime and Corruption Reporting Project (OCCRP), a zero-click vulnerability solution was developed as the public got more aware of these tactics and became better able to recognise harmful spam.
Pegasus does not require the target to do anything in order to compromise their device using this way.
Zero-click vulnerabilities take use of flaws in popular programmes like iMessage, WhatsApp, and FaceTime, which all receive and sift data from a variety of sources, including unknown ones. Pegasus can enter a device utilising the app’s protocol after a vulnerability is discovered. The user is not required to click on a link, read a message, or respond to a phone call; in fact, they may not even notice a missed call or message.
“It hooks into most messaging systems including Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple’s inbuilt messaging and email apps, and others. With a line-up like this, one could spy on almost the entire world population. It’s apparent that NSO is offering an intelligence-agency-as-a-service,” Timothy Summers, a former cyber engineer at a US intelligence agency said.
Besides from zero-click attacks, OCCRP describes another way for silently accessing a target’s device termed “network injections.” Without the need to click on a specially prepared malicious link, a target’s Web browsing can expose them to attack. During routine online activity, the victim is enticed to visit a website that isn’t totally safe.
The NSO Group’s malware can access the phone and infect it if users click on a link to an unprotected site.
Pegasus for Android, according to Kaspersky, does not rely on zero-day vulnerabilities. Instead, it implements Framaroot, a well-known rooting approach. Another difference is that if the iOS version fails to jailbreak the device, the entire attack fails; however, if the malware fails to obtain the necessary root access to install surveillance software on the Android version, it will still ask the user for the permissions it requires to exfiltrate at least some data.
Is there a method to tell if a phone has been compromised with Pegasus spyware?
Amnesty International researchers have created a tool to see if your phone has been targeted by spyware.
The Mobile Verification Toolkit (MVT) is designed to assist you in determining whether or not Pegasus has infected your device. It works on both Android and iOS devices, however it currently requires command line skills to use.
MVT, on the other hand, will get a graphical user interface (GUI) in the future.