Post Views: 494

How Pegasus Spyware Works | Pegasus Data Leaked

A type of malware that is installed on a computer system without the end user’s knowledge is called spyware. One such spyware that shook the whole world by disrupting the privacy of people especially journalists, political leaders, human activists, and many more is Pegasus. Know-How Pegasus Spyware works

What is Pegasus?
How Pegasus Spyware Works?
Evolution of Pegasus
- Zero click attacks
Devices vulnerable to Pegasus
Service charges of Pegasus
History of Pegasus
- 2016: First Exposure
- 2018: Attack of UAE
- 2019: WhatsApp Snooping Scandal
- 2020: Attack of Mexico
- 2021: Recent Attack
- Dangerous attack of Pegasus
People who got targeted by Pegasus in India
What NSO Group has to say about these attacks?
Is Pegasus a threat to democracy?
So, can we protect our devices from Pegasus?

1.What is Pegasus?

How Pegasus spyware works that are created by NSO Group. Pegasus spyware is mostly used by government agencies. Pegasus is the top advanced spyware ever developed.

The purpose of Pegasus is to infect the target’s phone and send back data, including photos, messages, and audio/ video recordings.

The developer of this Pegasus spyware is an Israeli company called NSO Group. NSO stands for Niv, Shavlev and Omri. NSO Group is a private firm that was founded in 2010 by Novalpina Capital, ShavlevHulio, and OmriLavie.

2. How Pegasus spyware works

With just a simple click on Pegasus can be bypass your phone’s security and install spyware that grants complete access to your all devices. It can access every message you have sent; it can access every message you have ever received.

Pegasus can attack your gallery photos, videos, emails, and many applications that are installed on your phones. It can turn on your microphone even when you are not using the phone call, and can just record whatever you are doing in the room.

Not only this but it can also turn on your camera, it can record what’s on your screen, can access your GPS, and monitor your location. In short, Pegasus can get full access to your phone as a third party.

But the most concerning thing is that Pegasus can do all of this even without you knowing about this.

the major purpose of the pegasus virus is to control the target mobile device or system by rooting or jailbreaking it for a temporary time by taking the advantage of a zero-day vulnerability

3. Evolution of Pegasus

The Pegasus version of 2016 used to infect smartphones using a technique called “spear-phishing”. In this, the text messages or emails were used to be sent to the targets. The message used to contain a malicious link, this link then needed to be clicked which led to giving access to the third party without the user knowing about this.

In 2019 the Pegasus was evolved to a version in which the device could be infected with a missed call on WhatsApp and could even delete the record of the missed call, due to which the user was unable to identify that he/she has been targeted.

3.1 Zero click attacks

Pegasus further got evolved to a more sophisticated way of hacking that is zero click attack. This new form of attack has made the software more dangerous. In this, the attack does not require any action to be taken by the phone’s user.

To gain entry the Pegasus will identify the zero vulnerabilities which mean finding flaws in the operating system and instead of informing it of an error it will attack the flaw to gain access to the computer or mobile system as a third-party user.

4. Devices vulnerable to Pegasus

All devices are vulnerable to Pegasus. how Pegasus software works and attacks both Android and iOS.

In the iPhone pegasus virus target apple’s default iMessage application and push the notification service protocol upon which it is based.

in android smartphones pegasus virus targeting the vulnerability in the graphics library of phones

5. Service charges of Pegasus

As per the reports, the documents that are submitted before a US court shows that an amount of $8 million was charged to use how Pegasus spyware works in Ghana to spy on 25 phone numbers in 2016.

Also, Mexico’s contract was worth $32 million to monitor 500 users and Panama paid $13.4 million to spy on 150 devices.

6. History of Pegasus

6.1 2016: First Exposure

As per the reports, the first attack of Pegasus spyware was done in 2016. Ahmed Mansoor an internationally recognized human rights defender, based in United Arab Emirates (UAE) received SMS text messages on August 10 and 11, 2016.

The message was received on his iPhone promising new secrets about the detainee’s link attached in the message. Instead of clicking the message, Mansoor sent the message to Citizen Lab Research. The researchers said that they recognized the link that was belonging to a company named NSO Group.

6.2. 2018: Attack of UAE

According to 2018 reports, the government of UAE used Israeli phone-hacking technology to spy on political and regional rivals as well as members of the media. The hacking software was none other than Pegasus.

6.3. 2019: WhatsApp Snooping Scandal

The most devastating case was in 2019. In this case, WhatsApp’s parent company Facebook told the reporters that Israel’s NSO Group had developed a sophisticated snooping software called Pegasus.

The snooping case came out after WhatsApp filed a case in California’s Northern District federal court against the NSO Group. Which revealed that Pegasus spyware had infected 1400 devices.

In India, Indian National Congress Party professed that Narendra Modi’s government party was caught snooping journalists, activists, lawyers, and some senior government officials.

They later claimed that Priyanka Gandhi’s general secretary was also targeted.

6.4. 2020: Attack of Mexico

As per 2020 reports, corrupt Mexican officials use to help drug cartels in the country to obtain state-of-the-art which can be used to hack mobile phones and it was none other than Pegasus.

The reports also state that John Scott- Railton a researcher of Citizen Lab at the University of Toronto said that they found extensive evidence of targeting and the targeting had touched all the parts of Mexico’s civil society as well as its political culture.

6.5. 2021: Recent Attack

According to the recent reports, the petition that is likely to come up in the next few days will claim the investigation which would reveal more than 142 Indians including- journalists, lawyers, government ministers, opposition politicians that have been targeted by Pegasus spyware.

6.6. Dangerous attack of Pegasus

The reports of military-grade spyware (pegasus) allowed by an Israeli organization to the government of Saudi Arabia to get terrorists and criminals were used to successfully hack 37 smartphones related to journalists, human rights activists, business executives The two women on this list were close to murder Saudi journalist Jamal Khashoggi who was later killed in Turkey.

7.People who got targeted by Pegasus in India

The report states that Pegasus has been linked to a list of 50,000 phone numbers which reveals that several civil servants, politicians, and ministers. This incorporates the senior Enforcement Director, a helper of Delhi Chief Minister Arvind Kejriwal, and authorities from the PMO and NITI Aayog as expected individuals of premium. More than 40 Indians journalists appeared on the leaked list.

The people that have been identified are:

Rajeshwar Singh

He has been the senior officer with ED since 2009 and has served on the probe of several sensitive cases such as the 2G spectrum scam and the Aircel-Maxis matter.

According to The Wire, his wife and two of his sister’s phone numbers were also targeted in 2018.

VK Jain

Jain’s phone number was hacked in 2018. He is a former IAS officer and personal assistant to Delhi CM Arvind Kejriwal. AS per The Wire, during 2018 Jain was in charge of handling the most important files of the state government.

Officials of PMO and NITI Aayog

According to The Wire, a senior Niti Aayog employee’s phone number was also targeted by this cyberweapon and he is no longer in the employment of the government. He further requested the reporters to not reveal his identity.

The reports also state that the unnamed PMO official, is presently an undersecretary in the office, and who was targeted by this malware in 2017. When The Wire contacted the person by using the mobile number that was listed in the records, he said that he doesn’t know if this list is accurate or his mobile number is there. The only thing he can say is that he is not such an important person whose number should be traced.

8. What NSO Group has to say about these attacks?

As per the reports NSO Group claims that its Pegasus spyware is used to investigate terrorism and crime. NSO further says that the software can not be traced back to the government using it – which is very concerning.

In simple words, NSO Group is a company that makes products that are used by the government to spy on citizens and people all over the world.

But a concern raised by Amnesty International is that the company is providing spyware to those government agencies that cannot be trusted.

In The Washington Post, the NSO Group told them that it only works with government agencies. The company further told them that it will cut off all the access of the government agencies if they are found using Pegasus spyware in an abusive manner and also claims that they have done this before.

9. Is Pegasus a threat to democracy?

According to reports the WhatsApp CEO Cathcart said that it is a wake-up call for security on the internet to make mobile phones safe for all. He also tweeted that the spyware was being used to commit horrible human rights abuses and it needed to be stopped.