Last month in India, Pegasus spyware was very much in the news. Every newspaper, television channel, and social media platforms like Twitter, Facebook, and Connect app were busy discussing the Pegasus spyware. It was alleged that the government of India surreptitiously spied against opposition party leaders, Supreme Court judges, and the leading journalists. It wasn’t as if such things never happened. In the past also, similar things happened, but the extent and the scale on which it was used was unprecedented.
There was a huge uproar in the parliament too, and this particular issue dominated the public space so much that the monsoon session of parliament was completely ruined as opposition leaders kept interrupting the proceedings of the house. They wanted a discussion on this issue, but the government wasn’t forthcoming. They kept denying that such things ever happened. But the cat was out of the bag.
Since Pegasus spyware came into the news, people are curious to know what it is all about. And how does this spyware work, and how is it able to control smartphones around the world? We will try to find answers to all these questions here.
How this spyware came into existence?
Pegasus is highly intelligent spyware developed by NSO group which is a private Israeli company. This is essentially used to spy or monitor the targeted device through the smartphone. It does not work like any normal spyware.
According to NSO Group, this spyware was specially developed for use by the government in many countries for investigating terror and crime cases. The world became aware of this spyware in the year 2016 when a human rights activist in the Middle East country discovered it by chance. He was shocked that spyware was being used against him.
It is a type of malware that is deliberately installed in the target device. In most cases, the malware was clandestinely sent as part of regular text messages and emails. Initially, iPhone users were found to be the main target of Pegasus but eventually, android devices were also included. It uses a bug or flaw which is already present in the target device. However, Apple has since fixed the particular bug that Pegasus was used to hack their mobile phones.
Spyware steals the personal details of users
According to a hacking expert, Pegasus malware is made of many smaller payloads or plugins that get installed in the target device. Once it’s there, it begins scanning, and soon captures its entire functions. It gets access to user’s messages, phone calls, emails, and contacts information. It doesn’t stop there. It can even take screenshots of sensitive data, and browser’s history. In simple language, it can spy on almost every activity of the target device.
It can also steal data through apps
The spyware can activate the camera or microphone of the target device to capture images and video recordings even without users’ prior permission or knowledge. It gets an easy access to phone calls and voicemails of the target device. It also collects information about its location. It can penetrate every text, audio, and video message of the target device. Encryption isn’t an obstacle for Pegasus spyware. No platform is secure enough from its attack because it steals data the moment it’s released.
How does Pegasus Hack phone?
Citizen Lab, the cybersecurity research group thinks that Pegasus spyware is very clever software that doesn’t rely on a particular method to enter the target device. Usually, a routine link is sent to the target device in the form of a text message. As soon as the user clicks on this rogue link, the spyware finds a way to enter the target device.
Previously, Pegasus relied more on sending fraudulent messages to attack the target device. The process usually began by sending the website’s URL to the target device through text messages, emails, or even social media posts. Surveillance software packages are generally remotely installed in the target device by luring users to click dubious links.
In the last few years, NSO has been continuously updating and improving its spyware and has increased its attack capability many times. Detecting such a versatile and sophisticated malware is simply out of question. Probably, the only choice for users to prevent such attacks is to maintain their vigil and alertness.
How does Pegasus spyware work?
The Pegasus version can also be installed through a “zero-click” that does not require any interaction with the target device. This literally means that your phone can still be hacked, whether you click on those malicious links or not. Most of these attacks take advantage of deficiencies in the operating system.
One of such attacks was reported by WhatsApp in May 2019 when spyware targeted a gap in their VoIP stack. Then the malware was installed on the target device by just making a routine Whatsapp call, irrespective of whether the target device took the call or not.
The process began with the hacker first making a video call to the target device from a fake WhatsApp account. And while the call was still in progress, the Pegasus malware got surreptitiously installed in the target device by using a unique code. However, to hack Android phones, a different method was used to control the target device.
Why Pegasus spyware is considered so lethal?
Pegasus spyware does not leave any traces or footprints after it gets installed on the target device. Therefore, you will be mostly ignorant of the fact that your phone is hacked. Moreover, it works on a single bandwidth. The scariest thing about Pegasus is that it continues to operate even when the phone is locked.
Pegasus has broken through iPhone security too
No device is out of reach from attack by Pegasus spyware. Apple iPhones always claim to offer better privacy and advanced security than their competitors, but when it came to protection from spyware, it was found equally vulnerable to so-called “zero-click” attacks from Pegasus. As a matter of fact, NSO Group has successfully infected several iPhone models over the years.
There have been a lot of questions raised in the media about whether it was justified on the part of the government to spy on the opposition leaders and the judges of the Supreme Court. However, this is not something happening for the first time. Not only in India, but throughout the world such tactics were used by governments to spy on the opposition and media.
Even in countries like the US, and Russia, such measures were adopted by the government. We all know about the infamous Watergate scandal in which President Richard Nixon had to resign from his post. Even in India, during the prime ministership of Mrs. Indira Gandhi, opposition leaders, activists, and media were spied on during the emergency.