How Pegasus infects your phone and spies on you without a click
Among its 50,000 potential targets are journalists, Union ministers, opposition netas, businessmen and activists, an investigation finds
Times News Network
Developed by Israeli cyber intelligence NSO Group — known for its expertise in creating specialised cyber weapons — Pegasus is a highly sophisticated surveillance tool. It got widespread attention in 2019 when WhatsApp alerted several users that a spyware had compromised their phones.
WhatsApp, Amnesty International and others sued NSO in the US in 2019, but Pegasus was reportedly used as early as 2016, when an Arab human rights activist’s iPhone was hacked. Within days, Apple released an iOS update that reportedly patched the vulnerability targeted by Pegasus.
Pegasus is in the middle of a massive controversy again with an international media collaboration reporting an unidentified agency may be targeting journalists and others for surveillance with it. Among the 50,000 phone numbers found on a potential list for surveillance, 40 are of Indian journalists.
Who has access and what's it used for?
Multiple reports have said Pegasus is used for surveillance by agencies across countries, but there is no clarity on which specific agency in which country uses it.
The investigation by Amnesty International and French media group Forbidden Stories has found that while most NSO servers are in Europe, three are located in India and used as attack infrastructure.
If NSO is to be believed, no non-governmental agency has access to its software. It says it has 60 government agency clients in 40 countries, but has not named them. And while WhatsApp and others allege Pegasus is spyware, NSO maintains it sells its software “for the sole purpose of saving lives through preventing crime and terror acts”.
“NSO does not operate the system and has no visibility to the data. Our technologies are being used every day to break up pedophilia rings, sex and drug-trafficking rings, locate missing and kidnapped children,” an NSO statement reads.
WHAT DATA CAN PEGASUS MALWARE STEAL?
Pegasus can exploit weaknesses in messaging apps to steal data without any interaction from the user. Once installed, Pegasus can access almost any data on a phone.
VULNERABLE APPS: SMS, Emails, Calling
[Graphic labels: WhatsApp chats; Photos & videos; Microphone; Activate camera; Internet browser]
300 Indian numbers tracked
An investigation by Amnesty International and French media group Forbidden Stories found that of the 50,000 numbers potentially targeted by Pegasus since 2016, 300 have been identified as belonging to Indian journalists, activists, business executives and opposition politicians.
[Graphic, partly illegible. Legible entries: 1,000 numbers from the full list; 50 countries; journalists, including 40 from India; 85 human rights activists; 65 business executives]
How are phones hacked?
Pegasus’ USP is its ability to invade a phone without a click from the targeted user. The Organized Crime and Corruption Reporting Project (OCCRP) says earlier versions required a target's active participation. Pegasus operators sent text messages containing a malicious link, which if clicked on would open a malicious web page to download and execute the malware. But as people became better at spotting malicious spam, the use of “zero-click exploits” began.
Zero-click exploits use bugs in popular apps like iMessage, WhatsApp, and FaceTime, which all receive and sort data, sometimes from unknown sources. “Once a vulnerability is found, Pegasus can infiltrate a device using the protocol of the app. The user does not have to click on a link, read a message, or answer a call — they may not even see a missed call or message,” OCCRP says.
Timothy Summers, a former cyber engineer at a US intelligence agency, described Pegasus as a nasty software. “It hooks into most messaging systems including Gmail, Facebook, WhatsApp, FaceTime, Viber, WeChat, Telegram, Apple's built-in messaging and email apps, and others. With a line-up like this, one could spy on almost the entire world population. It's apparent that NSO is offering an intelligence-agency-as-a-service,” Summers had said to reporters.
What type of surveillance?
Basically, Pegasus can spy on every aspect of the target's life, researchers from cybersecurity firm Kaspersky say. It is modular malware — after scanning the target's device, it installs the necessary modules to read the user's messages and mail, listen to calls, capture screenshots, log pressed keys, exfiltrate browser history, contacts, etc.
“Pegasus could even listen to encrypted audio streams and read encrypted messages — thanks to its keylogging and audio recording capabilities, it was stealing messages before they were encrypted (and, for incoming messages, after decryption),” Kaspersky adds.