Pegasus Spyware: Zero Click Hack

Abstract

The name Pegasus comes from Greek mythology, where Pegasus is a mythological white horse. Pegasus is a type of spyware, or malware: dangerous software that secretly gets into your computer or smartphone and gives your data to another person.

Pegasus was developed by the Israeli company NSO Group, which was set up in 2010.

NSO stands for:

  • N (Niv Carmi),
  • S (Shalev Hulio),
  • O (Omri Lavie).

That is, the initial letters of the names of the company's three founders.

Pegasus can also access your camera, and may even record video through the device's camera or access any other data, such as your WhatsApp chats or photos. It can extract all of this data and send it to someone else without the user's consent. Spying on you is what this spyware does.

Keywords: Spyware, Pegasus, Zero-Day Vulnerability, Spear Phishing, Zero-Click Attack

Introduction

Amnesty International's Security Lab has conducted in-depth forensic examinations of a number of mobile devices belonging to human rights defenders (HRDs) and journalists throughout the world. This investigation found massive, persistent, and ongoing illegal monitoring and human rights violations carried out using NSO Group's Pegasus malware.

So here the question arises: how does Pegasus spyware get onto your smartphones and other devices?

Earlier, you would receive a link through SMS or WhatsApp, and if you clicked on the link your phone could be infected. Today the technology has improved so much that you don't even have to click on a link. They will send you a WhatsApp message or leave a missed call on your number. Even if you don't answer the call, Pegasus can still infect your phone, and that is why it is so dangerous and shocking. They just need to know the phone number.

Evidence suggests that NSO’s persistent search for flaws may have stretched to other regular apps, according to forensic analysis of victims’ phones.

Pegasus can be deployed over a wireless transceiver positioned near a victim, or physically installed if an agent can seize the target’s phone.

Pegasus can collect almost any information or extract any file once it is installed on a phone. SMS messages, address books, call histories, calendars, emails, and browsing histories on the internet can all be accessed.

Another big question arises: why did NSO create Pegasus, and what was the need for it?

NSO claims that it created Pegasus so that government intelligence and law enforcement agencies can use it to fight crime and terrorism. For example, the Mexican government has said that it used Pegasus to capture drug smugglers. You might be thinking how good this spyware is: it could be used to capture all the terrorists and criminals of the world, so that the entire world would become a better place. But there is a twist in the Pegasus story.

In August 2016, Pegasus' iOS hack was discovered. Ahmed Mansoor, an Arab human rights campaigner, received a text message promising "secrets" concerning torture in UAE jails. Mansoor forwarded the link to the University of Toronto's Citizen Lab, which investigated with the help of Lookout and discovered that if Mansoor had followed the link, his phone would have been jailbroken and spyware installed. The message was a form of social engineering.

Several lawsuits filed in 2018 claimed that NSO Group assisted clients in using the software and so participated in multiple human rights violations perpetrated by its clients. Two months after The Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, was murdered and dismembered in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed a lawsuit in Israel against NSO Group, accusing the company of providing the Saudi government with surveillance software to spy on him and his friends, including Khashoggi.

More than 1,000 persons from more than 50 nations were identified as being on the list, according to media reports. Business executives, activists, politicians, and chiefs of state, as well as several members of the Arab royal family, are among them. The list also included more than 180 journalists from outlets such as the New York Times, CNN, and Al Jazeera.

Many of the figures were centered in ten nations: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, and the United Arab Emirates. This list included 300 Indian politicians such as Rahul Gandhi, Abhishek Banerjee, and Prashant Kishor, and many activists and journalists such as Rohini Singh and Vijaita Singh.

How does Pegasus work?

Pegasus is a spyware program that tracks people’s phones. It operates by delivering a malicious link to the target user, who then clicks on it, allowing the malware or code to be loaded on the user’s phone. Once Pegasus is installed, the attacker has complete control over the phone of the target victim.

Pegasus may “return the target’s personal information, such as passwords, contact lists, calendar events, text messages, and live phone calls from popular mobile messaging apps.” The camera and microphone on the target’s phone can be turned on to record all activities in the area, broadening the scope of the surveillance.

A new version of Pegasus has since been launched that is more dangerous than the previous version of the software. The latest version of Pegasus is based on a "zero-click attack", which means that whether or not you click the attachment or link, it is installed automatically and starts to run in the background. A zero-click attack allows malware such as Pegasus to take control of a device without the need for human intervention or error.

Conclusion

Protecting yourself from Pegasus-level hacking at an individual level is next to impossible. The only thing you can do is not share your phone number with anyone other than your very close friends or family members, which is practically not possible for anyone. In day-to-day life, however, you can be protected against most attacks on your privacy by using a VPN. A VPN helps to hide your current location. One of the best VPN apps is NordVPN, which works across various devices. NordVPN has more than 5,400 servers across 59 countries, so you can spoof your location among these countries while using the internet.

Authored By:

This article is authored by Nihal Baba, Department of Information Science & Engineering, New Horizon College of Engineering, Bangalore.
