Pegasus Spyware – The Most Refined Malware of All Time
What is Pegasus?
Pegasus, spyware developed to help government authorities fight crime, is set to become the ‘most sophisticated smartphone attack ever’. The Pegasus software was first recognized in 2016 and is allegedly developed by NSO Group, an Israeli company. According to the official website of the NSO Group, the company develops software to assist government agencies in preventing crime and terrorism. However, recent reports by various media houses tell a different story.
Earlier this month, a news report by The Wire and other international publications claimed that thousands of mobile phone users worldwide were targeted using Pegasus. Allegedly, 200 Indian mobile users, including journalists, ministers, opposition leaders, and businessmen, were also spied upon by the government. Following the allegation, the Ministry of Electronics and Information Technology said that it has no concrete basis or truth.
Irrespective of the legality, ethics, or reality, Pegasus is certainly one of the most powerful pieces of spyware the world has ever witnessed.
Why is Pegasus more sophisticated than ever?
What began as a spear-phishing attack in 2016 has now evolved into a ‘zero-click’ attack. In a spear-phishing attack, malware is delivered to the mobile phone through a website URL sent via SMS, email, social media, etc. As soon as the user clicks on the link, the malware is installed on the device. Such attacks could be detected and averted. The newer version of Pegasus, by contrast, is engineered so that it is almost impossible to detect or stop.
The ‘zero-click’ attack doesn’t depend on human interaction, error, or a click, meaning that the phone can be hacked even if the user doesn’t click on a malicious link. This advanced technique targets software or hardware flaws to gain access to a device. Once the target is set, the attacker looks for vulnerabilities in the operating system or applications present on the target’s phone. Then, the attacker injects code (in the form of a hidden text message or an image) to compromise the phone. The code disappears as soon as the spyware is installed, leaving no evidence behind.
What can Pegasus do?
After a successful installation, Pegasus can potentially access everything on the target’s phone. It can easily steal passwords, text messages, pictures, and contacts, and can access the browsing history, microphone, camera, GPS, etc. The spyware can also record voice or video calls made through WhatsApp. All this can be done without the knowledge of the victim. As per the Citizen Lab of the University of Toronto, the spyware is engineered to go undetected by anti-virus software and forensic analysis. It can only be deactivated by the attacker remotely.
Can a Pegasus attack be avoided?
A Pegasus attack can be made less likely, but it cannot be completely ruled out. It has attacked the software programs of Apple, Google, WhatsApp, and Microsoft in the past. However, the corporations patched the loopholes and updated their software to avoid exploitation in the future. Therefore, the first step towards protecting yourself against such an attack is to regularly update the device’s software and applications. Secondly, avoid sideloading any apps onto the operating system.
However, if the spyware has already entered the device, it is impossible to detect or get rid of it. It is advisable to discard the infected device, reinstall updated applications on a new device, and change the passwords of all online accounts that were logged in on the infected device.
As much as the ‘zero-click’ technology makes Pegasus a mighty attack, it also makes it an expensive tool. Due to its high cost, the spyware is used by giant organizations and government agencies. It is almost unaffordable for an ordinary hacker and therefore cannot be used to target people on a daily basis. However, such spyware is certainly a matter of concern. While the corporations have protected themselves against the current version of Pegasus, advanced variants or more sophisticated spyware may await in the future.