PEGASUS - DEFENCE & SECURITY

PEGASUS - DEFENCE & SECURITY

News: Pegasus infection found on Indian journalists’ phones after Apple alert: Amnesty International

 

What's in the news?

       Amnesty International announced that it found recent traces of Pegasus spyware, sold only to governments, on two Indian journalists’ phones after they received “state-sponsored attacker” alerts from Apple in October.

 

Pegasus:

       Pegasus is a type of malicious software or malware cum spyware designed to secretly collect information.

       It can be introduced surreptitiously into mobile devices and can suck up all data and meta-data on the infected device as well as monitor conversations, chats and browsing.

       It is designed to infiltrate smartphones — Android and iOS — and turn them into surveillance devices.

 

Developed by - Israeli security firm NSO Group.

 

Purpose:

       Collection of historic data on  a device without user knowledge

       Continuous  monitoring of activity and gathering of personal information and

       Transmission of this data to third parties.

 

How does Pegasus infiltrate devices?

       Pegasus is part of a tier called “zero click exploits” whereby it takes advantage of bugs in popular apps such as iMessage and WhatsApp to infiltrate the system.

       A zero-click exploit, unlike most cyberattacks, doesn’t require any interaction from the users they target, such as clicking on a link.

       It relies on vulnerabilities in devices and software to gain access.

       Pegasus can also use unsecured websites to infiltrate a device. These are called network injection attacks. The device is infiltrated within milliseconds of visiting such a website.

       It also has real-time access to emails, texts, phone calls, as well as the camera and sound recording capabilities of the smartphone.

 

Who can buy Pegasus?

       NSO claims it will only sell the software to verified government agencies, with a contractual clause that the spyware can only be used in cases of suspected crime or terrorist activity.

 

Target of Pegasus:

       The stated aim of Pegasus is to fight crime and terrorism, the database also has the numbers of over 200 journalists worldwide, including 40 from Indian media houses.

 

Further Reference - Types of Cyber Attacks