Moneycontrol PRO
Upcoming Webinar:Join us for 'The Future Techshot' on Sept 22, 10:30am to gain insights into role of tech in streamlining businesses. Register Now!
you are here: HomeNewsTechnology

Explained | Everything you need to know about Pegasus: The Israeli spyware used to snoop on politicians, activists and journalists

The spyware was discovered on the phones of many prominent journalists and activists

July 19, 2021 / 03:44 PM IST
The spyware was discovered on the phones of many prominent journalists and activists

The spyware was discovered on the phones of many prominent journalists and activists


We live our lives within the borders of our home, our haven away from the pressures of the world but, in an online world, we forget that our privacy is no longer sacred. It is simply a lock that needs a key. 

Pegasus is that key. A surveillance tool at heart, the spyware has been covertly installed onto the smartphones of prominent journalists and activists around the world. The intention is clear, and the threat real. 

What is Pegasus? 

Created by Israeli cyber intelligence firm NSO Group, Pegasus exists to help law enforcement battle crime. The NSO says that it intended to "develop best-in-class technology to help government agencies detect and prevent terrorism and crime." 

Somewhere along the line, those priorities have changed. Thanks to leaks from prominent publications such as The Guardian, we know that it targeted and monitored specific individuals to gather data. 

Close

The NSO has confirmed the existence of the spyware but has said that it only sells the tool to governments and is not responsible for its misuse. 

Pegasus first achieved prominence in 2016 when discovered on a smartphone that belonged to a human rights activist. Since then, it has stayed in the limelight. Facebook even went to court and sued NSO Group for making the tool.  

The lawsuit also shed light on the extent NSO was willing to go to keep their tool relevant. Facebook claimed that the attackers had reverse-engineered the WhatsApp app to send malicious code over the network. 

Will Cathcart, WhatsApp CEO put out a tweet and urged the governments to hold abusers of spyware responsible

What makes the software worrisome is that its installation is covert and hard to trace. There are a variety of exploits that Pegasus can use to slither its way into a phone. 

How does Pegasus work? 

There are a variety of exploits that Pegasus targets to install itself onto a smartphone. The simplest way is to get the user to click on an infected link or use a voice call vulnerability in WhatsApp that allows installation simply by placing one missed call. The tool also deletes the call logs afterwards, so you have no way of knowing what happened. 

The more recent traces have used an exploit called zero-click. This vulnerability allows Pegasus to become operational without needing any user input. On iPhones, this was possible using a weakness in the mail app where a threat actor could send remote code with mail that consumed large amounts of memory. Apple reportedly patched this in 2020. 

On Android, this exploits the operating system's graphics library. A threat actor could send hundred's of multimedia messages and brute force its way into Android's memory system to run remote code. Google and Samsung both confirmed that they had patched this bug. 

Other exploits include Apple's Wireless Device Link, the peer-to-peer networking protocol used by iOS devices to talk to each other. Apple acknowledged that it was powerful enough to shut off and reboot systems before being patched. 

Despite the security updates and patches, Amnesty international confirmed that Pegasus still managed to infiltrate Android and iPhones as recently as July 2021. 

Once Pegasus finds its way onto a smartphone, it operates with all possible permissions. It can track your call logs, monitor your calls, access your camera to record video and use your microphone to record audio. It can read your browsing history and collect information on your app activities. It can read your inputs and, it can even use your GPS to track your current location.

All of the data from the smartphone is extracted and sent to the threat actor. This process is invisible and hard to detect. 

The implication that government's around the world use Pegasus to spy on innocent journalists and activists is chilling. With our thoughts already soured by this revelation, we can only guess what lies behind the curtain.
Rohith Bhaskar
first published: Jul 19, 2021 03:16 pm

stay updated

Get Daily News on your Browser
Sections
ISO 27001 - BSI Assurance Mark