
Pegasus, the most terrifying trojan virus ever made

Pegasus, The Most Terrifying Spyware ever made

Pegasus, the immortal winged god and the son of Poseidon and Medusa, is perhaps one of the best-known creatures in Greek Mythology.

He’s famous for his many good deeds, like creating Hippocrene, the water spring on Mount Helicon, and helping Bellerophon in slaying monsters.


However, the modern-day Pegasus is not a god, but rather the most powerful surveillance tool ever developed. The spyware threatens the very idea of privacy and personal liberty.

While the concept of surveillance is not new, military-grade surveillance technology designed to counter terrorism often gets misused. Pegasus is one such technology.

With the ability to infiltrate any device and harvest data, Pegasus was used to target over 50,000 phone numbers of people across 45 nations, according to a list that leaked on July 18.

Most victims in the list included national leaders, journalists, business executives, activists, opposition leaders, and their families and friends.

 

What is Pegasus?

Pegasus is the name given to the most sophisticated spyware in the world. NSO Group, an Israeli private firm, developed it to help governments to combat terror and crime.

Because it is considered one of the most lethal technologies ever unleashed, the Israeli Ministry of Defense declared it a military cyber weapon, and only government agencies can own it.

Pegasus’s stealthy nature allows it to enter mobile devices and access everything from the microphone to the camera. It’s designed to penetrate devices running a variety of operating systems, including BlackBerry, iOS, Android, and Symbian, and transform them into surveillance tools.

The malware was first detected in 2016 by researchers at the University of Toronto in collaboration with Lookout, a software company. However, its use dates back to 2014, during Barack Obama’s second term, when it breached the security of even the most secure BlackBerry devices.

Since then, tech experts have found Pegasus lurking in the background of many mobile phones belonging to politicians, human rights defenders, media personalities, and other individuals.

 


Pegasus spyware diagram. Image source: Prashant Mali

How Does Pegasus Work?

The earliest version of the malware, captured in 2016, relied on spear-phishing to exploit smartphone vulnerabilities. Spear-phishing involves sending a text message or email to a user and tricking them into clicking a malicious link or opening a document that secretly installs the spyware. Attackers could also install the software over a wireless transceiver near the target, or manually if they could get hold of the target’s device.

In 2019, the malware could infect a target device with a missed call on WhatsApp. What’s even more surprising, it could erase the missed call record, so the device’s user would never notice that something was amiss. In the same year, WhatsApp said NSO’s spyware had affected over 1,400 smartphones.

However, the latest version of the software is far more advanced in its attacks. It doesn’t need any interaction from the device’s owner for a successful attack. It leverages zero-click exploits, which take advantage of vulnerabilities in the smartphone, such as flaws and bugs in an app or operating system that have yet to be identified.

Once installed, the malware gives the attacker more control over the device than even the user has. They can read text messages, collect passwords, record locations, steal photos, and even harvest information from apps. Pegasus can also activate microphones and cameras for real-time surveillance without the knowledge of the phone’s user.

 

Project Pegasus

Project Pegasus revealed to the world how sophisticated spyware was used to target people of interest to the government clients of NSO Group.

The project data included a list of 50,000 phone numbers of influential people. It also contained the date and time the number got selected or entered into the system.

Forbidden Stories, a journalism firm based in Paris, and Amnesty International’s cybersecurity team had access to this list and passed it to 16 media organizations under the name “The Pegasus Project”.

Over 80 journalists worked together on the project and published a report on July 18, 2021, stating that Pegasus targeted non-criminals. They also viewed the practice as a threat to the freedom of speech, freedom of the press, democratic opposition, and dissidents.

A few days after the release of the report, 14 heads of state were identified as former Pegasus targets. Because of this, several parties, including renegade whistle-blower Edward Snowden, called for an investigation into the abuse and limitation of such military-grade malware.


Pegasus spyware target. Source: BBC

Prominent Mentions from Project Pegasus

Mexico (Hunt for El Chapo)

According to reports, the Mexican government was the first client to purchase Pegasus from NSO. They bought the software to bring down the country’s $21 billion drug cartel and its biggest player, Joaquin Guzman Loera, or El Chapo.

Because of the software, they captured El Chapo on January 8th, 2016. He was extradited to the US and later sentenced to life imprisonment.

Initially, Pegasus served its intended purpose, but later it was misused. For instance, the Pegasus Project reveals that the then Mexican President, Enrique Pena Nieto, used the technology to spy on his rival Andres Manuel Lopez Obrador, Mexico’s current president.

Pegasus was also linked to the death of Cecilio Pineda, a local journalist from Altamirano, in 2017.

Saudi Arabia (Killing of Jamal Khashoggi)

The 50,000 leaked phone numbers include the number of Hanan Elatr, wife of the Saudi columnist killed on October 2, 2018.

While NSO denied that the spyware was employed on the journalist, forensic analysis of Jamal’s cell phone traces the hack to the United Arab Emirates, one of its clients and a close ally of Saudi Arabia.

The phone of Khashoggi’s fiancée, Hatice Cengiz, was also targeted with the same technology four days before his death. Other targets included the journalist’s sons Wadah and Abdullah Khafar, Iran Fidan, the Turkish prosecutor, and Yasin Aktay, a friend.

India

Project Pegasus also determined that over 1,000 phone numbers from India were targeted with the malware. Forensic analysis and reports from media outlets linked the compromised numbers to Rahul Gandhi (Congress leader), Abhishek Banerjee (Trinamool Congress general secretary), Ashwini Vaishnav (IT and Railways Minister), Prahlad Singh Patel (Union Minister), and at least 40 activists and journalists.

Other Individuals Affected by Pegasus

According to Citizen Lab, over 51 phones of people from Catalonia, Spain, were infected with the spyware. The individuals include Jordi Sole, a pro-independence member of the European Parliament, and Elies Campo, a digital security researcher, along with his family.

Also, the phones of 6 members of the Palestinian human rights group had the Pegasus virus.

 

Closing Thoughts

Pegasus seems to target influential individuals like politicians, human rights activists, journalists, and directors of big organisations. However, no one is safe from the malware. Because of its efficient mode of attack, you won’t even know when it infiltrates your phone.

Luckily, Amnesty’s researchers released an open-source toolkit called Mobile Verification Toolkit (MVT) that works to detect traces of Pegasus. It is designed for both Android and iPhone devices, and you can use it to analyse data such as backup files to detect potential compromise.
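
How indicator-based checking of backup data works in principle, as an added example that is not part of the original article and is not MVT's own code: known-bad domains are read from an indicator file and compared with records extracted from a backup. The STIX2-style bundle, the placeholder domains, the simplified history table and all function names are constructed for illustration.

```python
import json
import re
import sqlite3
from urllib.parse import urlsplit

# Constructed STIX2-style bundle; the domains are placeholders, not real indicators.
BUNDLE = json.dumps({"type": "bundle", "objects": [
    {"type": "indicator", "pattern": "[domain-name:value='cdn-update.example']"},
    {"type": "indicator", "pattern": "[domain-name:value='sms-relay.test']"},
    {"type": "malware", "name": "placeholder"},
]})
# Constructed browsing history as (visit time, URL); the schema is simplified.
VISITS = [
    ("2021-07-01T08:14:02Z", "https://news.example.org/story"),
    ("2021-07-01T08:14:05Z", "https://a1.cdn-update.example/x?id=42"),
    ("2021-07-02T21:40:11Z", "https://cdn-update.example.org/login"),
    ("2021-07-03T03:02:59Z", "http://SMS-Relay.test:8080/r"),
    ("2021-07-03T03:03:10Z", "https://notsms-relay.test/"),
]
PATTERN = re.compile(r"\[domain-name:value\s*=\s*'([^']+)'\]")

def load_domains(bundle_json):
    """Extract domain indicators from the bundle's indicator objects."""
    domains = set()
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") == "indicator":
            domains.update(d.lower() for d in PATTERN.findall(obj.get("pattern", "")))
    return domains

def build_history(visits):
    """Load the sample visits into an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE history (visited TEXT, url TEXT)")
    conn.executemany("INSERT INTO history VALUES (?, ?)", visits)
    return conn

def scan(conn, domains):
    """Return (visited, host, indicator) for hosts equal to or under an indicator."""
    hits = []
    for visited, url in conn.execute("SELECT visited, url FROM history ORDER BY visited"):
        host = (urlsplit(url).hostname or "").lower()
        for dom in sorted(domains):
            # Match on label boundaries so look-alike hosts are not flagged.
            if host == dom or host.endswith("." + dom):
                hits.append((visited, host, dom))
    return hits

if __name__ == "__main__":
    print(scan(build_history(VISITS), load_domains(BUNDLE)))
```

Only the subdomain visit and the mixed-case, port-bearing visit are reported; the two look-alike hosts are not, which is why matching is done on the parsed hostname rather than as a substring of the URL.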

Alternatively, you can discourage Pegasus from building a home in your devices by updating your OS, avoiding clicking links or opening suspicious email attachments, encrypting your device’s data, and enabling remote-wipe features.

 

Written by The Original PC Doctor on 12/11/2022.
