The Israeli company NSO Group is once again in the spotlight, being alleged of developing Pegasus. Pegasus is a spyware which the Indian government is being alleged to have been using to snoop on prominent personalities including journalists and politicians. However, the Ministry of Electronics and Information Technology (MeitY) has refused any unauthorised interception by government agencies. Also Read - Apple releases important iOS 14.7.1 update: iPhone users must download it right now
“The allegations regarding government surveillance on specific people have no concrete basis or truth associated with it whatsoever,” the ministry said in a statement. It said that the government is committed to ensuring the right to privacy of all its citizens. Also Read - iPhone SE gets cheaper on Flipkart only for today: Get over Rs 11,000 flat discount
One of the major worrying aspects of the Pegasus spyware is that it has evolved from using spear-phishing methods to zero-click attacks, which do not require any action from the user. This makes it almost impossible to detect or stop, and is also arguably, the world’s most powerful spyware out there. Also Read - Apple Watch SE GPS for Rs 24,900 until tonight: How to quickly avail this deal
What is Pegasus?
Pegasus is a software, which can be installed on your smartphones by an attacker to track all of your device’s activity. The spyware originally made headlines in 2016, when UAE human rights activist Ahmed Mansoor received a text message on his phone about tortured prisoners in the country with a link, which he sent to researchers at Citizen Lab. After the investigation, it was found that the links were linked back to infrastructure belonging to the NSO Group.
The spyware has evolved a lot since then, and has now managed to become a zero-click attack. This means that the targetted user is not required to perform any action to install the spyware, thus making it impossible to detect or stop.
Pegasus spyware is believed to have been around since at least 2016. It has also been known by other names like Q Suite and Trident. The spyware can even infiltrate Apple’s iOS, which is why it is known as one of the most sophisticated products available. To recall, Pegasus was meant to be used by governments on a per-license basis. However, in May 2019, the company had limited sales of the spyware to state intelligence agencies and others.
NSO Group on its official website states that it creates software to help government agencies, prevent and investigate terrorism and crime. The company also states that it has contractual obligations requiring its customers to limit the use of its products to the prevention and investigation of serious crimes, and to ensure that they will not be used to violate human rights.
How does it work?
Pegasus is now a zero-click attack, which allows the attacker to gain control over a targetted user’s device without any human interaction. It relies on exploiting software, which receives data before the device can determine if the data is coming in from a trustworthy source or not.
On Apple smartphones, the spyware was taking advantage of a vulnerability in the mail app, which was reportedly patched in April 2020. After that, the exploit targeted the Apple Wireless Device Link (AWDL), which has also since been patched.
On Android devices, the spyware was targeting a vulnerability in the graphics library of phones running version 4.4.4 and beyond. Many attackers have also exploited vulnerabilities in Whatsapp.
How can you protect yourself?
Detection of Pegasus and other zero-click attacks has become a lot harder, especially in encrypted environments where there is no visibility on the data packets. However, users can still take a few steps to protect themselves. The first step would be to keep your smartphone up to date, to ensure that there are patches available for vulnerabilities that have been spotted. The second would be to not sideload any apps to the operating system. Lastly, users can also stop using apps and switch to checking emails, social media and more on the web browser.