Reports that revealed that several countries used the Israeli “Pegasus” program to spy on phones provoked resounding reactions, especially as this program targeted activists, politicians, journalists and governments.
Press reports related to the Israeli spy program reveal that the main party that exploited the program are governments that tried to track the phones of activists, journalists, company managers and politicians.
How does Pegasus hack phones?
Researchers believe that early versions of the hacking software, first exposed in 2016, used text message booby-traps to install on the targets’ phones.
The target must click on the link he received in the message in order to download the spyware, but this limited the chances of successful installation, especially with the increasing caution of phone users against clicking on suspicious links.
In contrast, newer versions of “Pegasus” developed by the Israeli company “NSO Group” have exploited loopholes in widespread mobile applications.
In 2019, the WhatsApp messaging application filed a lawsuit against the Israeli company, claiming that it used a vulnerability known as the “zero-day vulnerability” in its operating system to install spyware on about 1,400 phones.
Once the target person is contacted via WhatsApp, Pegasus can be secretly downloaded to their phone even if they do not answer the call.
Recently, it was reported that Pegasus exploited a vulnerability in Apple’s iMessage app, potentially giving it automatic access to one billion iPhones currently in use.
What does the program do after downloading it?
Alan Woodward, professor of cyber security at the University of Surrey in the UK, explains that Pegasus is probably one of the most efficient remote access tools.
“Think of it as if you put your phone in someone else’s hands,” he said. “The software can be used to look at victims’ phone and email messages, look at photos they’ve taken, eavesdrop on their calls, track their location and even film them through their phone cameras.”
The researcher confirms that the developers of “Pegasus” have become “better with time in hiding” all traces of the program, which makes it difficult to confirm whether a particular phone has been hacked or not, so it is still unclear how many people have hacked their devices, although the latest Media reports say that there are more than 50,000 phone numbers in the Israeli company’s customer targets bank.
Amnesty International’s Security Lab, one of the organizations investigating Pegasus, said it had found traces of successful iPhone attacks, most recently this month.
Can the program be removed?
Since it is very difficult to tell if your phone has the malware, it is also difficult to know for sure if it has been removed, as Pegasus installs itself on one of the phone’s hardware or in its memory, depending on the version. If it is stored in memory, restarting the phone can theoretically erase it, so it is recommended that people at risk of targeting such as entrepreneurs and politicians shut down their devices and restart them on a regular basis.
In this context, Woodward said that “it seems exaggerated to many … it is possible to resort to anti-virus programs available for mobile devices.”
He continued, “If you are at risk, you may have to install some antivirus software on your phone.”
An investigative investigation published on Sunday revealed that “activists, journalists and politicians around the world have been targeted by spying operations with a malicious program for cell phones developed by the Israeli company NSO.”
“Military-grade malware from the Israel-based NSO Group is being used to spy on journalists, human rights activists and political opponents,” the investigation reported.
The consortium of 17 news organizations says it has identified more than 1,000 individuals in 50 countries that have been selected by NSO clients since 2016 for potential surveillance, including nearly 200 journalists.