Espionage Story

JJ's Blog
4 min read · Aug 12, 2021

The Pegasus spyware

Photo by IndiaTV

What is Spyware?

“A spyware is any malicious software designed to enter your computer device, gather your data, and forward it to a third-party without your consent.”

Malicious spyware is a type of malware specifically installed without your informed consent. In short, spyware communicates personal, confidential information about you to an attacker.

Image by ThePrint

What is Pegasus, and what was it designed for?

Pegasus spyware was created by the Israel-based surveillance technology company NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company’s founders), a subsidiary of Q Cyber Technologies, founded in 2010.

Pegasus is not random spyware that you find on Google. It is spyware that infiltrates your device and installs itself, which means it is highly sophisticated, excellently designed, and one of the most advanced spyware tools.

NSO does not name the buyers of its software. But according to its website, its products are used exclusively by intelligence and law enforcement agencies to fight crime and terror. Some high-profile cases have been solved using this spyware.

Why is Pegasus in the news?

Pegasus Spyware has allegedly been used to secretly monitor and spy on an extensive host of public figures across the world including India.

The Pegasus Project is a ground-breaking collaboration by more than 80 journalists from 17 media organizations in 10 countries, coordinated by Forbidden Stories with the technical support of Amnesty International’s Security Lab. Approximately 50K users, including heads of state, activists, diplomats and journalists, have been targeted and spied on by the Pegasus spyware across the globe.

NSO Group’s spyware has been used to facilitate human rights violations around the world on a massive scale.

From the leaked data and their investigations, Forbidden Stories and its media partners identified potential NSO clients in 11 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates (UAE).

Image by Forbidden Stories

Why is it hard to trace?

Actually, Pegasus is the most sophisticated attack ever seen in the world. The spyware is capable of self-destruction if it is detected, so no trace is left that the device was affected by Pegasus.

Generally, there are some indicators when malware is installed on your device, such as battery consumption, slow performance, increased data usage, unusual behavior, heating problems, etc. But in the case of Pegasus nothing unusual happens and there is no trace that your phone is infected. Nothing! It works silently, with or without your consent.

If it is not connected to the command and control server for 60 days or it thinks it has been installed on the wrong device, then it destroys itself.

Because zero-click attacks are hard to detect and prevent, users should use the latest OS versions, keep their applications updated, and download them from trusted sources.

Photo by Hotspot — Industrial espionage

How is this spyware installed on your phone?

This type of malware usually relies on traditional phishing techniques: you get a link on social media, in personal email or by text message, and once you click it the malware is installed on your device.

But Pegasus uses a zero-click vulnerability, which means it can be installed directly on a user's device without human interaction. So users do not even know that they are being attacked.

According to a Kaspersky report, after scanning the target’s device, it installs the necessary modules, and since they have root privileges, they can access all your messages and mail, calls and contacts, capture screenshots, exfiltrate browser history, and even listen to encrypted audio streams and read encrypted messages. Basically, it can spy on every aspect of the target’s device.

Image by kaspersky

How to keep yourself safe from Pegasus?

So far no patch has been found to prevent this spyware. It is impossible to evade cyber-attacks entirely, because technology is growing fast and hackers are getting smarter by upgrading their tools as well. Still, you can follow some of these steps to minimize the risk.

  • Download from authorized sources.
  • Stay away from unofficial app stores.
  • Be reserved about giving permissions to apps.
  • Avoid email links and attachments when possible.
  • Avoid using public WiFi.
  • Update your apps/software immediately when security patches are released.

Find out more information on Pegasus here,

Thanks for reading … 😊😊
