What can Pegasus spyware do?
According to Kaspersky, Pegasus spyware is capable of reading a user’s SMS messages and emails, listening to calls, taking screenshots, recording keystrokes, and accessing contacts and browser history. Another report confirms that a hacker can hijack the phone’s microphone and camera, turning it into a real-time surveillance device. It should also be noted that Pegasus is complex and costly malware designed to spy on individuals of particular interest, so average users need not fear being targeted.
When was Pegasus spyware first discovered?
Pegasus spyware was first discovered on iOS devices in 2016, and a slightly different version was then found on Android. Kaspersky says that in the early days, the attack came via SMS. The victim would receive an SMS with a link. If they clicked on that link, their device would be infected with the spyware.
However, over the past half decade, Pegasus has evolved from a relatively crude system relying on social engineering to software that can access phones without the user clicking a link, or, in the parlance of the cyber world, software capable of zero-click exploits.
How does Pegasus spyware infect a phone?
The Organized Crime and Corruption Reporting Project (OCCRP) reports that eventually, as the public becomes more aware of these methods and better able to identify fake spam messages, solutions to avoid zero-click exploits have also been discovered. Be aware that Pegasus accesses your device in such a way that you will not even notice it. Zero-click exploits rely on bugs in popular apps such as iMessage, WhatsApp and FaceTime that retrieve and sort user data, sometimes from unknown sources. Once a breach is found using these bugs, the device can be easily infiltrated using the protocol of the Pegasus app.
Timothy Summers, a former cyber engineer with a US intelligence agency, says it connects to Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple’s inbuilt messaging and email apps, as well as many other apps. With such apps, almost the entire world population can be spied on. He said that it is clear that NSO is acting like an intelligence-agency-as-a-service.
Apart from zero-click exploits, OCCRP also mentions another method. The report says that the software uses a technique called “network injection” to silently gain access to the device. A target’s web browsing can leave them open to attack without their needing to click on a specially designed spam link. The software waits for the user to visit a website that is not completely secure. Once the user clicks on a link to an unsafe site, software from NSO Group gains access to the phone and triggers the attack.
Amnesty International recently reported that this NSO Group spyware exploited newer iPhone models, specifically the iPhone 11 and iPhone 12, through a zero-click exploit via iMessage. The spyware can copy downloaded applications to the iPhone and transmit itself as push notifications through Apple’s servers. Thousands of iPhone handsets have potentially been affected by NSO spyware.
Kaspersky says Pegasus for Android doesn’t rely on zero-day vulnerabilities. Instead, it uses a well-known rooting method called Framaroot. There is another difference: if the iOS version fails to jailbreak the device, the whole attack fails, but this is not the case with the Android version. Even if the malware fails to gain the root access required to install this software, it tries to directly ask the user for permissions so that it can extract at least some of the data.
Is there any way to detect whether a phone has been tampered with by Pegasus spyware?
Researchers at Amnesty International have developed a tool that can tell whether your phone has been infected with the spyware. The purpose of the Mobile Verification Toolkit (MVT) is to help identify whether Pegasus has infected the device. Although it works on both Android and iOS devices, it requires some command-line knowledge. The MVT is also expected to acquire a graphical user interface (GUI) over time, making it easier to understand and operate.