In this article we will Pegasus spyware how it works & Learn how to secure your phone from Pegasus. The NSO Group is back in the news because it is said to have developed Pegasus. The Pegasus program, run by the government, uses malware to monitor famous figures such as journalists and politicians. However, the MeitY, the department of the Indian government responsible for information technology, has denied any illegal wiretapping by government entities.
The government claims that “there is no substance to the allegations of specific people being targeted for surveillance.” The statement says that the government takes the privacy of all residents very seriously.
A serious concern is that the Pegasus malware began as spear-phishing attacks, and has now developed into zero-click attacks that don’t require the user to take any action. While this makes it nearly impossible to discover or eliminate, it is undoubtedly the world’s most powerful malware, as it’s virtually impossible to detect or eliminate.
Pegasus Malware : What is it ?
Pegasus is a software application, which an attacker can install on your phone to monitor your every behavior. When Ahmed Mansoor, a UAE human rights activist, received a text message on his phone describing tortured inmates in the nation, he provided it to researchers at Citizen Lab, who wrote about it in a widely reported storey. Following the examination, it was discovered that the connections were traced back to the NSO Group’s infrastructure.
A lot has changed since then, and the malware has evolved to the point where it is now a 0-click attack. Malware is installed on a user’s computer while the user does nothing to instal it. It is impossible to detect or stop this spyware because of this feature.
It is speculated that Pegasus malware has been in use since at least 2016. On the company’s official website, NSO Group describes itself as developing software that assists the government with investigations into and the prevention of terrorism and crime.
How does Pegasus work?
Achieving this zero-click attack no longer requires any human input. It exploits software, which prior to the device determining if the data is trustworthy is in the process of receiving data.
Apple phones were vulnerable to the spyware, and as of April 2020, the spyware exploit had been patched. The attack, which came later, successfully targeted the Apple Wireless Device Link (AWDL). This device was also fixed after that.
While the software targeted users on Android versions 4.4.4 and above, it exploited a vulnerability in the graphics library in devices running these versions. Vulnerabilities in Whatsapp have also been exploited by attackers.
How do you stay safe from Pegasus?
In encrypted systems, because of the lack of visibility on the data packets, finding Pegasus and other zero-click attacks has become far more difficult. However, to reduce the risk, consumers should take a few protective measures.
- Updating your operating system to the latest version is always a good idea. Updates released by Apple and Google frequently include security patches for newly discovered vulnerabilities and malware. The updates have been published by both Apple and Google for Pegasus. Starting with iOS 9.3.5, Apple issued a patch for iOS while Google included special controls to limit Pegasus on the majority of Android OS versions (starting April 2017).
- Spyware infects mobile devices by virtue of the user clicking on a link or link that has been distributed to them via text message, email, Twitter, or any other methods. Don’t believe every communication that comes with a link, even if the sender claims to be someone you know. A committed attacker will make an especially deliberate effort to design a communication that appears to be from a trusted source and to discuss something of interest to both parties.
- While the first two recommendations should keep you safe from Pegasus for the time being, it is absolutely crucial that you keep your communications, both inbound and outbound, as secure as possible. Even if spyware infiltrates your phone and you are “under mobile surveillance,” secure calls and messages will give you assurance that you can stay secure in your communications.