Recently, the phones of a few union ministers, leaders of opposition parties, activists, heads of security organizations and journalists from India were hacked using Pegasus Spyware.
This implies that important conversations and personal details of the attacked individuals have been leaked and are most likely to cause unimaginable damage in their lives. The reason why this news is of concern is because Pegasus is the most dangerous malware for Android and iOS. It is behind one of the smoothest attacks ever.
Let’s learn what Pegasus is in a little more detail
It is malware in the form of spyware that spies on a person based on the activity he/she does on their phones, and acquires all the data stored on the phone. Pegasus spyware is developed by a private software company in Israel named NSO Group.
The spyware extracts all personal information of the owner’s device without their knowledge and sends it to whoever is using the spyware. This malicious software is developed, marketed and sold to various governments in the world.
Why is this spyware called the most harmful one ever?
Pegasus does not just hack personal information and data on your phone, it also has the ability to switch on your phone’s camera and microphone capturing everything you do and say, who you meet, where you stay, and what all places you visit, recording every little detail in your life.
How does Pegasus infiltrate into the devices?
Till 2016 the spyware infected phones by the way of spear-phishing text or emails. The texts and emails carried a link that tricked the phone’s owner to click on it. Once the owner clicked on the link, the malware entered the device. Now, however, the spyware has found more advanced ways to infiltrate into the device making it even more difficult for the owners to detect a malware attack. A technique called the zero-clicks attack is now used by Pegasus to infiltrate into the device. This does not require the owner to interact with any kind of message or email for the attack to be successful. The Zero click technique exploits the flaws or bugs present in the device which the manufacturer is unaware of or hasn’t fixed yet. Another way of infecting a device by the way of zero-click technique is by simply placing a WhatsApp call that installs a malicious Pegasus code into the phone. The owner of the phone doesn’t even need to answer the WhatsApp call. Pegasus is discovering vulnerabilities in Apple’s iMessage software as well which has become its entry point into millions of iPhones. So if you still thought that iOS devices are safe from all kinds of malware, it’s not.
After Pegasus makes its entry into the phone it starts extracting almost everything present in your phone from simple SMS messages, call history, contact numbers, emails, calendars, to internet browsing activities and histories.
What does the company have to say on this?
A database of 50,000 contact numbers was leaked out of which 300 were a list of verified contacts belonging to activists, journalists, opposition party leaders, businessmen, government officials, scientists, among others. The mother of Pegasus, NSO Group which was set up in 2010 has denied every allegation of wrongdoing. Pegasus is known to provide spied data to intelligence agencies and governments of foreign countries.
Most of the attacks that have taken place have been in the countries which include United Arab Emirates, Saudi Arabia, Morocco, India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, and Rwanda.
As BBC reports, the company has clarified that the software is used against criminals and terrorists and helps only the governments and their military, law enforcement and intelligence agencies whose countries hold good human rights records.
The company further said that the assumptions on which the investigation is being carried out against it is based on uncorroborated theories and are outright wrong.
Pegasus and WhatsApp
In 2019, Facebook-owned WhatsApp had sued Pegasus for using WhatsApp to carry out 1,400 cyber-attacks and has been banned from using the platform since then. Further, WhatsApp also revealed to the concerned authorities that Pegasus has used its platform to especially target journalists and activists of India.
The Indian Picture
Pegasus has refused to reveal if the Indian government is its client or not, however, the presence of contact details of multiple Indian activists, journalists and government officials indicate that agencies from India are definitely NSO’s clients. Amnesty International’s Security Lab that carried out an independent forensic analysis of the cyberattack has provided sufficient pieces of evidence that out of the 13 iPhones examined in India, nine showed evidence of being targeted, and seven out of them had been infected with Pegasus.
The Government of India on the other hand, although hasn’t released a detailed report proving of it not using Pegasus to conduct surveillance on selected personalities, it has issued a statement saying that the allegations have no basis for truth whatsoever. It has called all news reports alleging a fishing expedition based on conjectures to damage the Indian ethos of democracy.
