An investigation by the Pegasus Project, an international media consortium, revealed that more than 50,000 phone numbers were attacked by spyware created by the NSO Group, an Israeli software company. The list contained 300 verified phone numbers in India, including ministers, opposition leaders, a sitting judge, more than 40 journalists, and various activists and businessmen.
But what is Pegasus, what is it for, how does it infect devices, and what can it do?
What is it?
Spyware is any malicious software that is designed to enter your computer device, collect your data, and forward it to a third party without your consent.
Pegasus is probably the most powerful spyware ever developed by the NSO Group. It is designed to infiltrate smartphones (Android and iOS) and turn them into surveillance devices.
However, the Israeli company markets it as a tool to track criminals and terrorists, for targeted espionage and not for mass surveillance. The NSO Group sale charged its customers $ 650,000 to infiltrate 10 devices, plus a $ 500,000 installation fee.
How does it work?
Pegasus exploits undiscovered vulnerabilities, or bugs, on Android and iOS. This means that a phone can become infected even if it has the latest security patch installed.
An earlier version of spyware, from 2016, infected smartphones using a technique called “spear-phishing”: text messages or emails containing a malicious link were sent to the target. This depended on the target of the link being clicked, a requirement that was removed in later versions.
As of 2019, Pegasus can infiltrate a device with a missed call on WhatsApp and also delete the record of this missed call, making it impossible for a user to know that they were attacked. In May of that year, WhatsApp said that Pegasus took advantage of a bug in its code to infect more than 1,400 Android phones and iPhones, including government officials, journalists and human rights activists. He soon fixed the error.
Pegasus also takes advantage of a bug in iMessage, giving it backdoor access to millions of iPhones. Spyware can also be installed on wireless transceivers (radio transmitters and receivers) located near the target.
What can you do?
Once installed on a phone, Pegasus can intercept and steal any information you want, including SMS, contacts, call history, calendar, email, and browsing history. You can use your phone’s microphone to record calls and other conversations, secretly film it with your camera, or track it with GPS.
What data does it collect?
The amount of data that Pegasus spyware can collect is very high. Once installed on the victim’s device, Pegasus can have full control over the phone, including root privileges. With this extensive control, spyware can collect tons of information and do things that even a user cannot.
What platforms is Pegasus Spyware targeting?
The main targets of Pegasus spyware attacks are iPhone and Android devices. However, this is not to say that this is a definitive list. You can probably install Pegasus on older Symbian and Blackberry devices, as well as phones running outside of the updated operating system.
A recent report by Amnesty researchers has found that Pegasus could infiltrate the iOS ecosystem using zero-click exploits in Apple’s mobile operating system. This method does not require user interaction and is virtually undetectable. Citizen Lab researcher Bill Markjak recently pointed out that Apple devices with iOS versions as recent as iOS 14.6 are prone to exploiting iMessage without clicking. Malicious actors can use these flaws to install Pegasus on your device.