Pegasus is spyware developed by NSO Group, an Israeli firm. It is known as a cyber weapon. This malicious software is specifically designed to bypass mobile device security. The company claims that Pegasus is used by governments to carry out surveillance.
What Can Pegasus Do?
- Pegasus is spyware for mobile devices.
- It can install itself silently on your phone.
- Once installed, it can read the user’s messages and mail, listen to calls, capture screenshots, log pressed keys, and extract browser history and contacts.
- It can automatically turn on your phone’s microphone to listen.
- It can turn on GPS to track you.
- It can turn on the camera without your knowledge.
- It can self-destruct.
On Android and iOS, Pegasus exploits undiscovered vulnerabilities. As a result, a phone could still be infected even with the latest security patch installed.
Once installed, Pegasus can remotely access any information on a phone, including SMS messages, contacts, call histories, calendars, emails, and browsing histories. The phone’s microphone can be used to capture calls and other conversations, the camera can record you secretly, and GPS can track you without your knowledge.
When Was It First Discovered?
Pegasus spyware was first discovered in an iOS version in 2016 and then a slightly different version was found on Android.
Pegasus was discovered in August 2016 after a failed installation attempt on the iPhone of a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. News of the spyware caused significant media coverage. It was called the “most sophisticated” smartphone attack ever, and marked the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.
“It hooks into most messaging systems including Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple’s inbuilt messaging and email apps, and others. With a line-up like this, one could spy on almost the entire world population. It’s apparent that NSO is offering an intelligence-agency-as-a-service,” Timothy Summers, a former cyber engineer at a US intelligence agency said.
The Guardian reported that in 2019, WhatsApp revealed that NSO’s software was used to send malware to more than 1400 phones by exploiting a Zero-Day vulnerability.
Even if the target never answers the call, malicious Pegasus code can still be installed on the phone simply by placing a WhatsApp call to it.
On the iPhone side, Apple’s iMessage provides a way to reach hundreds of millions of iPhones. According to Apple, its software is continuously updated to prevent such attacks.
How Can It Hack Android and iPhone?
When Android devices are rooted, it is usually to install apps and games from unofficial app stores or to enable a previously disabled function.
Similarly, a jailbreak can be applied to Apple devices to allow the installation of apps not available on the Apple App Store, or to unlock the phone for use on alternative cellular networks. Many jailbreak approaches require the phone to be connected to a computer each time it’s turned on (referred to as a “tethered jailbreak”).
Apple claims that the iPhone is more secure than other mobile devices. But that claim can now be questioned.
“Our forensic analysis has uncovered irrefutable evidence that through iMessage zero-click attacks, NSO’s spyware has successfully infected iPhone 11 and iPhone 12 models. Thousands of iPhones have potentially been compromised,” said Danna Ingleton, Deputy Director, Amnesty Tech.
Thousands of Android phones were also targeted; however, compared to iPhones, their operating system does not provide convenient logs for detecting a Pegasus spyware infection.
Pegasus was able to infect all modern iOS versions up to the latest release, iOS 14.6, through a zero-click exploit. This means it can run without the user clicking a link or browsing to a site. Pegasus can be installed through a missed call placed by an attacker.
Apple products, including iPhone 11 and iPhone 12 models, can be successfully infected by Pegasus.
What is Zero-Click?
No action is required on the victim’s end. Zero-click attacks are cyber attacks that can be launched remotely without the victim having to interact.
The attacker uses a hidden text message or image file to inject malicious code into the target’s device and compromise it.
Once the target’s device has been successfully compromised, the message used to exploit the device will self-destruct so that no trace of the spyware remains.
An attacker can take over a device remotely only by successfully exploiting vulnerabilities in the phone’s software and hardware.
How to Protect Yourself?
- Keep your mobile devices updated on time.
- Install a good security solution on each of your devices.
- If you receive a link from an unknown source, don’t click on it.
- Mobile forensics utilities are helpful for identifying a potential compromise of Android and iOS devices.