Pegasus spyware is being utilized as state-level cyber surveillance. What is it? How does it work? Can you protect yourself? These are some questions that may strike your mind, right? So, read more to find the answers to such questions.
Pegasus, which is the most sophisticated piece of spyware we know so far, has the capability to read and copy messages, record calls, and secretly record a clip of the owner (and near ones) on any device that has been targeted.
What is Pegasus?
In brief, Pegasus is commercial spyware. It’s not similar to the malware used by cyber attackers to earn money by stealing data and cheating their victims. The Pegasus spyware is developed only for spying. Once it has secretly entered into a smartphone, whether it is Android or iOS, it can make it into a completely-fledged surveillance device. Text messages, WhatsApp messages, e-mails, iMessages, and so on are all available for reading and copying. It can also record every incoming and outgoing call, as well as steal all the images of the device. It can turn on the microphone or the camera and record what is being said. The Pegasus is potential enough to access past and present locations also. Clearly, whoever listens at the other end can know almost everything about anyone who is targeted.
The previous versions of Pegasus spyware were located in the wild as far back as 2016. Albeit, this isn’t something new. But its abilities and sophistication have grown rapidly since those early days. The Pegasus spyware isn’t something sold on eBay, Amazon, or even on the dark web. Only the NSO Group sells it to government agencies, and it costs millions of dollars to purchase.
Fortunately, this isn’t in the hands of hackers or terrorists. In fact, NSO Group promotes this spyware as a “technology that helps government agencies safeguard and intervene terrorism and crime to protect thousands of lives around the world.” It sounds noble. However, the term “government” has no assurance of morals, character, or self-restraint. Reportedly, the governments of some countries are using Pegasus spyware to target religious leaders, business executives, academics, journalists, and union officials, including Mexico, Hungary, India, Saudi Arabia, and the United Arab Emirates (UAE).
How does Pegasus Spyware Help Government Agencies?
The NSO Group’s official website says that the company makes technology that investigates and prevents crime to protect millions of lives around the world.
The human rights policy of the NSO Group comprises “contractual obligations needing NSO’s customers to restrict the utilization of the company’s products to the investigation and prevention of serious crimes, including terrorism, and to make sure that the products will not be utilized to violate human rights.”
Although, the company has been accused in the past of utilizing Pegasus spyware to tamper with people.
And then, in the same year, WhatsApp corroborated that about 1,400 of its users in 20 countries, including Indian activists and media personalities, had been targeted. WhatsApp said the Pegasus exploited its video calling feature and a certain vulnerability to transfer malware function to the mobile devices. However, the vulnerability has since been patched by Pegasus spyware in May that year.
NSO reportedly initially made fake WhatsApp accounts, which were then utilized to make video calls. When a user’s phone rang, the intruder sent the malicious code, and the Pegasus spyware got installed automatically in the device even when the user did not respond to the call.
Via Pegasus, the attacker got access to the user’s WhatsApp text and calls, credentials, regular voice calls, contact lists, calendar events, phone’s microphone, and even the camera. Though, the company has denied any kind of wrongdoing. It boasts of supplying Pegasus only to “vetted and legitimate government agencies.”
How can you Save yourself from Spyware?
To protect yourself from spyware, the very first and most vital thing you need to do is keep your device up to date. Apple users are suggested that they should always install iOS updates the time they become available. Android users are suggested to opt for a brand that has a great history of launching updates and then always downloading the latest updates the moment they become available. In case if you have any doubt, choose a Google device, as Google devices tend to release updates the quickest.
The second thing is to never click on a hyperlink that someone has shared with you unless you are 100% sure that the shared link is safe and genuine. If you have even the slightest doubt, then you are suggested not to click on it.
Thirdly, even if you are an iPhone user, don’t think that you are safe as Pegasus targets both Android and iOS. In 2019, Pegasus was actively exploiting vulnerabilities in Facetime that enabled it to install automatically undetected on iOS devices.