Pegasus, perhaps the most powerful spyware ever created by a private company, says the British Guardian. As soon as it makes its way to your phone, without you noticing, it turns it into a 24-hour monitoring device that can copy messages you send or You receive it, collect your photos and record your calls.
He might secretly film you through your phone’s camera, or activate the microphone to record your conversations. It can also pinpoint where you are, where you’ve been, and the people you’ve met.
Pegasus is a hacking program – or spyware – developed by the Israeli company NSO Group and marketed to the governments of countries around the world. It has the ability to hack billions of phones running iOS or Android operating systems.
The oldest discovered version of Pegasus, obtained by researchers in 2016, penetrates phones through what is called phishing, that is, text messages or emails that prompt the target to click on a hack link.
But then, the capabilities of the Pegasus program became more advanced. It can now reach its targets through so-called “zero-click” attacks, which do not require any interaction from the owner of the phone to be able to hack it. These attacks often exploit zero-day vulnerabilities, which are flaws or bugs in the operating system that the mobile phone manufacturer hasn’t discovered and therefore been unable to fix.
And in 2019, WhatsApp revealed that the Pegasus program was used to send hacking programs to more than 1,400 phones by exploiting the vulnerability of the attacks without waiting, simply by making a WhatsApp call to the target device. The Pegasus program was able to install malicious code on the phone, even if the target did not respond. Never on a call.
More recently, NSO began exploiting vulnerabilities in iMessage software installed on Apple phones, which enabled it to hack hundreds of millions of iPhones.
Apple says it constantly updates its software to prevent these attacks.
Research by Claudio Guarnieri, director of Amnesty International’s Security Lab in Berlin, has improved the technical understanding of Pegasus, and how it finds the obvious traces it leaves in a phone after it has been hacked.
“Things are getting more complicated than the target phones notice,” Guarnieri told the Guardian, who explained that NSO clients prefer subtle attacks that don’t require sending links to suspicious text messages.
Companies such as Israel’s NSO see the special appeal of exploiting software installed on devices such as iMessage, or widely used programs such as WhatsApp; Because it increases the number of cell phones that Pegasus can successfully hack.
As the technical partner of Project Pegasus, an international consortium of media organizations including the Guardian, the AI lab has discovered traces of successful attacks by Pegasus agents on iPhones running recent versions of iOS. These attacks were carried out in July 2021.
Scientific heuristics analysis of victims’ phones also found evidence that NSO’s ongoing search for vulnerabilities may have extended to other common applications. In some cases that Guarnieri and his team analyzed, strange network traffic associated with Apple’s photo and music apps was observed at the time of the attacks, which indicates that NSO may have begun exploiting the new vulnerabilities.
If phishing and click-link-free attacks fail, Pegasus can also be installed via a radio transceiver placed close to the target, or, according to the NSO handbook, it can be installed simply manually if a scientist manages to steal the target’s phone.
It is now very difficult to identify “Pegasus” attacks, and the capabilities of the Pegasus program have become more advanced, and it can reach its targets through so-called “zero-click” / Istock attacks. Once installed on the phone, Pegasus can collect any information or Extract any file, and it can leak text messages, numbers, call history, calendars, emails, and internet browsing history.
NSO has gone to great lengths to make its software difficult to detect, and it is now very difficult to identify Pegasus attacks. Security researchers believe that newer versions of Pegasus only work in the phone’s temporary memory, not its hard drive, which means that once the phone is turned off, almost every trace of the program disappears.
One of the most serious challenges that Pegasus poses for journalists and human rights defenders is that the program exploits undetected vulnerabilities, which means that even the most security-conscious mobile phone user cannot prevent an attack.
“This is the question I get asked a lot every time we do a heuristic analysis of someone’s phone: What can I do to prevent a repeat of such an attack? The real honest answer is nothing,” Guarnieri says.