Pegasus is again at the centre of a major controversy. On 18 July this year, The Wire, an independent news portal reported that this time around over 40 journalists across India have been targeted apart from a few politicians and activists. So, what exactly is this Pegasus, and how does it snoop on someone?
Developed and licensed by NSO Group, an Israeli cyber arms firm, Pegasus is a spyware that can be covertly installed on mobile phones and other devices operating on Android and iOS. The spyware not only enables the keystroke monitoring of all communications from a phone in form of texts, emails, web searches but also tracks phone calls and location. By setting up this spyware on a phone, NSO Group can hijack the microphone and camera of a mobile phone, and constant surveillance becomes easier.
Pegasus was discovered in August 2018 after a failed attempt at installing it on abilities, and the vulnerabilities related to security it exploited. As per the 2016 version, Pegasus was capable of reading text messages, tracking calls and locations, collecting passwords, accessing the microphone and camera of the target device, and extracting information from mobile apps. Francisco Partners, an American private equity firm, previously owned Pegasus till 2019.
According to NSO, it offers “authorised governments technology that helps combat terror and related crime.” The firm has published sections of contracts for customers to use its products for criminal and national security investigations. Additionally, NSO clarified that spyware has an industry-leading approach to human rights.
Named after the mythical winged horse Pegasus, it means a Trojan horse that can be sent “flying through the air” to infect phones.
How does it enter a Mobile Phone and Snoop on People?
- The method of attack by Pegasus is called zero-click attacks that do not require any action by the user. The spyware can infiltrate a device through a missed WhatsApp call.
- It will then alter call logs so that the user has no knowledge of what happened.
- Once the spyware enters the targeted device, it installs a module to track call logs, read messages, emails, calendars, internet history, and collect location data to send the information to the attacker
- The module can be installed manually on a device or over a wireless transceiver
- If it fails to connect with its command-and-control server for over 60 days, it self-destructs and removes all traces.
- If it identifies that it was installed on the wrong device or SIM card, then also it can self-destruct itself.
- Despite issuing security updates, Android and iOS devices get breached.
How to avoid getting this on Your phone?
To be on the safe side, users need to ensure that software in the device is updated and all apps are installed through the official stores. You must avoid clicking suspicious emails or text messages.