What is Pegasus Spyware?

Patrick Mutabazi
Oct 26, 2021

No one can deny that in this digitally advanced, connected era, incidents of cyberattacks such as hacking and data breaches are increasing exponentially.

What is Spyware?

Before knowing what ‘Pegasus Spyware’ is about, we need to understand what spyware is.

Spyware is a kind of malicious software that is usually installed on your computer or mobile device without your consent, to spy on you, damage your system and/or steal sensitive data.

Pegasus Spyware was designed to hack computers and/or mobile devices, gain access to them and retrieve their data without the user’s consent, and then deliver it to the third party who is actually spying on you. However, the parent organisation of Pegasus Spyware claims that it is intended to help government authorities act against terrorists and criminals by spying on them.

Pegasus was developed by Israeli cyber intelligence and security firm NSO Group Technologies. It is also known by names like Q Suite and Trident.

Pegasus is a program that gives the controller (a person who has injected the spyware into your device) access to the infected smartphone’s microphone and camera; the controller can even gain access to messages and emails, and collect location data too. This is the best spyware on the market, and both Apple’s mobile operating system iOS and Android devices can be breached.

The Israeli cyber intelligence firm NSO Group produces and sells a surveillance program for mobile phones called Pegasus. Pegasus is software designed to gain access to your phone without your consent, collect personal and sensitive information and transmit it to the party who is spying on you.

The cybersecurity company specialises in surveillance technology and claims to help governments and law enforcement agencies around the world fight crime and terrorism.

Pegasus Spyware attacks the devices so seamlessly that even the device owner might not have any idea about it. It infects the target phone and sends data, including photos, messages, and audio and video recordings.

As per a Kaspersky report, Pegasus even allows the attacker/hacker to listen to encrypted audio streams and read encrypted messages. Basically, the hacker has access to your entire phone and controls it.

According to the NSO Group, the program has been sold only to vetted government agencies and is intended to fight against terrorism and crime. According to the NSO Group website, the company creates technologies that can “help government agencies”, so that thousands of lives can be saved from terrorism and crime around the world.

How it Can Attack Your Phone

Spyware like Pegasus performs ‘zero click’ attacks (i.e., the device owner is not even required to click on the message, mail, link, etc.). This literally means that it does not require any human to do anything or give any input to make the malware work. You don’t have to click anywhere or browse anything. On top of that, if the user finds something suspicious and deletes the message(s), the spyware would still infect the device.

This spyware is installed automatically. In other words, even if you know how to avoid phishing attacks or know which link to click and which not to, it does not help. Most such attacks target software that receives data without determining whether it is coming from a trusted location or not, such as an email client.

Once Pegasus spyware gets into your smartphone, your text messages and emails, contacts, photos, passwords, etc. can be accessed by the other party, i.e. the hacker. Access is given to such an extent that even your device’s microphone or camera can be operated by the one who is spying on you. Pegasus Spyware can even access end-to-end encrypted messages or files, as it can steal them before the encryption or after the decryption.

How Do You Know If You Have Been Affected?

Pegasus spyware is nearly impossible to detect. As per a report in the Financial Times, a phone can be infected with Pegasus just by calling it via WhatsApp. The user doesn’t even have to pick up the call and the phone will still get infected. It can also be sent via email and SMS.

Pegasus is a sophisticated spyware which has some anti-forensic and self-destruct features. This makes it difficult to detect. Even if it is uninstalled later, it doesn’t leave any traces and there is no way to tell whether the device was affected.

Your phone does not show any lags or visible signs when it has been infected by Pegasus.

Since WhatsApp has filed a lawsuit against NSO Group, it has also come to light that the Facebook-owned messaging platform has information about the affected users although it hasn’t confirmed exactly how many users have been affected.

WhatsApp has been sending alert messages to the list of affected users asking them to update to the latest version of the app. Up until now, the message from WhatsApp is the only visible indicator that tells you whether your phone has been affected.

Citizen Lab is also sending alert messages to affected users.

If you want to be absolutely sure whether your phone has been compromised or not, it is best to consult a cybersecurity expert.

Does it Affect Other Apps?

Pegasus allows the controller, i.e. the hacker, to access your phone’s microphone and camera, but nowhere does it mention that it can affect other applications.

Yes, the controller can have access to files, images and even read encrypted messages and emails, but there is uncertainty as to whether it allows them to manipulate other applications on the phone.

It also allows access to the location data of the user and one can also read screenshots and typing feedback logs. This way the controller can know what passwords you are using to access different websites and even banking applications, usernames and passwords.

All that the Pegasus spyware gains access to. (Image Credit: Pegasus product description)

What to Do If Your Phone Is Affected by Pegasus

Many security experts and analysts have said that the only way to get completely rid of Pegasus is to discard the phone that has been affected/infected.

Once you have replaced the device, ensure that all the apps that you install are up-to-date and have the latest software version.

According to Citizen Lab, even a Factory Data Reset of the phone does not get rid of the Pegasus spyware. It lets attackers continue to access your online accounts even when your new device is not infected.

In order to ensure your online accounts are safe, you should also change the passwords of all the cloud-based applications and services that you were using on the infected device.

How to Save Your Smartphone From a Pegasus Attack

It is very difficult to detect Pegasus attacks and almost impossible to stop them. When the data is encrypted it is even more difficult, because one cannot tell which data packets are being sent or received. Users can keep all their operating systems and software updated so that at least those vulnerabilities that have been identified can be fixed. Downloading apps from anywhere other than Google Play or Apple’s App Store also invites danger. If you want to take a little more care, you can stop using apps altogether and use the browser to access email and social media on the phone.

Avoid public and free Wi-Fi services (including hotels), especially when accessing sensitive information. The use of a VPN is a good solution when you need to use such networks.

Encrypt your device data and enable remote-wipe features where available. If your device is lost or stolen, you will have some reassurance your data can remain safe.

Does VPN help?

There is more than one way the spyware can infect your phone, even by Bluetooth. Pegasus has the ability to reach a phone silently using a tactical network called the Base Transceiver Station.

What precautions can one take?

When Pegasus exploits a vulnerability in one’s phone’s operating system, there is nothing one can do to stop a network injection. Worse still, one will not even be aware of it unless the device is scanned by a digital security lab.

Switching to an old type of handset that is not a smartphone and allows only basic calls and messages will certainly limit data exposure, but may not significantly cut down infection risk. Also, any alternative devices used for emails and apps will remain vulnerable unless one forgoes using those essential services altogether.

So, the best one can do is to stay up to date with every operating system update and security patch released by device manufacturers, and hope that zero-day attacks become rarer. If one has the budget, changing handsets periodically is perhaps the most effective, if expensive, remedy.

Since the spyware resides in the hardware, the attacker will have to successfully infect the new device every time one changes. That may pose both logistical (cost) and technical (security upgrade) challenges, unless one is up against unlimited resources, usually associated with state power.
