What is Pegasus spyware?
Pegasus is possibly one of the most powerful and sophisticated pieces of spyware developed by a private company. It is spyware that embeds itself on a mobile device and can then take control of it, turning it into a 24-hour surveillance device that can copy the messages you send or receive, store your photos, record your calls, and steal all kinds of sensitive data. It can even turn on your camera and microphone and record videos and conversations without you noticing.
Pegasus is developed by the Israeli company NSO Group and licensed to governments all around the world. It was first discovered in 2016, when it infected phones through spear-phishing (an email or electronic communications scam targeted at a specific individual, organization or business). It has been improved since, its capabilities have become more advanced, and people have already become its prey.
Pegasus infections are accomplished through “zero-click” attacks, which do not need any interaction from the device’s owner in order to succeed. Suppose we receive a message: it may or may not be visible to us, but it starts peeling off the security layers of the device without us even clicking on the message or any link it contains. So in actuality, everyone is vulnerable to this technology. These attacks exploit “zero-day” vulnerabilities: flaws, bugs or defects in the device’s operating system that the manufacturer is not aware of and has therefore not fixed. The spyware hides effectively with the help of a built-in self-destruct mode. If it fails to connect with its command-and-control centre for more than 60 days, or if it detects that it was installed on the wrong device, it self-destructs and removes all traces.
In 2019, WhatsApp revealed that NSO’s Pegasus had been used to send malware to around 1400 devices by exploiting different zero-day vulnerabilities: simply placing a WhatsApp call to the target installed the Pegasus code on the device, even if the target never answered the call. This spyware has also been linked to the deaths of journalists in Israel and was said to be a medium of surveillance used by their own government to spy on specific people, with around 50,000 names on the list.
According to CNET, Jeff Bezos’ 2018 phone hack was linked to the NSO Group and carried out by the “crown prince of Saudi Arabia.” It was performed by sending a link to Bezos’ WhatsApp, which he might have opened and which then made a way for the spyware to exploit his phone. Lately, NSO has begun exploiting vulnerabilities in Apple’s iMessage software in order to access millions of iPhones.
“When an iPhone is compromised, it’s done in such a way that allows the attacker to obtain so-called root privileges, or administrative privileges, on the device,” Claudio Guarnieri, who runs Amnesty International’s Berlin-based Security Lab, told The Guardian. “Pegasus can do more than what the owner of the device can do.”
In response to Amnesty International’s technical report, lawyers for NSO claimed that it was only theoretical, labelling it “a compilation of speculative and baseless assumptions”. Nevertheless, they did not dispute or contradict any of its specific claims, findings or conclusions.
“This is a question that gets asked to me pretty much every time we do forensics with somebody: ‘What can I do to stop this happening again?’” said Guarnieri. “The real honest answer is nothing.”