Pegasus Spyware: What Is It? How Does It Infect Your Phone? How Can You Check if Your Phone Has Been Targeted?

Must read

How to disable and delete Samsung Pay from your Galaxy phone

When it comes to paying conveniently, Samsung Pay makes using your phone as a bank card an easy process; however, there may come...

Best OnePlus Nord N200 5G cases 2021

Best OnePlus Nord N200 5G cases Android Central 2021 The best OnePlus Nord N200 5G cases will protect your new sleek device and keep its 90Hz Full...
Bhawani Singhhttps://techmepro.com
I am a blogger who believes in delivering latest tech news from around the world to my viewers.

Pegasus spyware is a surveillance software created by Israeli cyber intelligence firm NSO Group. This firm is known to build sophisticated software and technology for selling solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts, as claimed by the company. Pegasus is one such software that is created to gain access to your phone without consent and gather personal and sensitive information and deliver it to the user that is spying on you.

Pegasus spyware: What can it do?

According to Kaspersky, Pegasus spyware is able to read the victim’s SMS messages and emails, listen to calls, take screenshots, record keystrokes, and access contacts and browser history. Another report corroborates that a hacker can hijack the phone’s microphone and camera, turning it into a real-time surveillance device. It is also worth noting that Pegasus is a rather complex and expensive malware, designed to spy on individuals of particular interest, so the average user is unlikely to encounter it.


Pegasus spyware: When was it first discovered?

Pegasus spyware was first discovered in an iOS version in 2016 and then a slightly different version was found on Android. Kaspersky notes that in the early days, one of the main infection schemes was via an SMS. The victim got an SMS with a link. If the person clicks on it then their device gets infected with the spyware.

However, over the last half decade, Pegasus has evolved from a relatively crude system reliant on social engineering to a piece of software that can compromise a phone without the user having to click on a single link, or what the cyber world likes to call zero-click exploits.

Pegasus spyware: How does it infect a phone?

The Organized Crime and Corruption Reporting Project (OCCRP) reports that eventually, as the public became more aware of these tactics and were better able to spot malicious spam, zero-click exploit solution was discovered. This method does not rely on the target doing anything at all in order for Pegasus to compromise their device. Zero-click exploits rely on bugs in popular apps like iMessage, WhatsApp, and FaceTime, which all receive and sort data, sometimes from unknown sources. Once a vulnerability is found, Pegasus can infiltrate a device using the protocol of the app. The user does not have to click on a link, read a message, or answer a call — they may not even see a missed call or message.


“It hooks into most messaging systems including Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple’s inbuilt messaging and email apps, and others. With a line-up like this, one could spy on almost the entire world population. It’s apparent that NSO is offering an intelligence-agency-as-a-service,” Timothy Summers, a former cyber engineer at a US intelligence agency said.

Apart from zero-click exploits, OCCRP reports another method called “network injections” to quietly access a target’s device. A target’s Web browsing can leave them open to attack without the need for them to click on a specifically-designed malicious link. This approach involves waiting for the target to visit a website that is not fully secured during their normal online activity. Once they click on a link to an unprotected site, the NSO Group’s software can access the phone and trigger an infection.

Amnesty International recently reported that NSO Group’s spyware has infected newer iPhone models, specifically iPhone 11 and iPhone 12, through iMessage zero-click attacks. The spyware can impersonate an application downloaded to an iPhone and transmit itself as push notifications via Apple’s servers. Thousands of iPhone handsets have been potentially compromised by the NSO spyware.

Kaspersky says that Pegasus for Android does not rely on zero-day vulnerabilities. Instead, it uses a well-known rooting method called Framaroot. Another difference: If iOS version fails to jailbreak the device, the whole attack fails, but with the Android version, even if the malware fails to obtain the necessary root access to install surveillance software, it will still try directly asking the user for the permissions it needs to exfiltrate at least some data.

Pegasus spyware: Is there a way to detect if a phone’s been compromised?

Researchers at Amnesty International have developed a tool to check if your phone has been targeted by the spyware. The Mobile Verification Toolkit (MVT) aims to help with identifying if Pegasus has infected your device. While it works on both Android and iOS devices, it requires some command line knowledge top operate right now. However, MVT may receive a graphical user interface (GUI) over time.

Source link

More articles

Leave a Reply

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

- Advertisement -

Latest article

Realme to Start Export of ‘India-Made’ Smartphones to Nepal From Q3

In India, Realme - with a 14.6 per cent market share in the June 2021 quarter.Realme is among the top four smartphone brands...

Rainbow Six Siege hints at a new Extraction themed event on the Consulate map

Rainbow Six Siege developers at Ubisoft seem to be teasing an upcoming event on the Consulate map. From what we have seen so...

AMD Radeon RX 6600 XT Graphics Cards Announced for 1080p Gaming

AMD has unveiled the new Radeon RX 6600 XT mid-range GPU, aimed at gamers who want to target high performance and high refresh...

Motorola Edge S Pro Confirmed via Promotional Video Ahead of August 5 Launch, Could Be Rebranded Edge 20 Pro

Motorola Edge S Pro moniker has been confirmed through a promotional video shared by the company on Chinese microblogging website Weibo. The...
- Advertisement -