Table of Contents: What is the Pegasus Spyware? How the Pegasus Spyware Works What Information is Collected? Why Does Pegasus Target iPhones? How to Tell if the Pegasus Spyware is on Your Phone How to Protect Against the Pegasus Spyware Pegasus Spyware Examples Final Thoughts: Pegasus Spyware What is the Pegasus Spyware? Pegasus is a spyware developed by an Israeli group called NSO however it has been recently revealed that the German Federal Criminal Police Office (BKA) has owned it since 2019. This spyware is licensed and marketed to government agencies all around the world. The spyware is like a keylogger, once it has been installed onto the target’s phone it has access to everything on the device and can send the data on the phone back to the government. The spyware is designed to invade devices that run Android, iOS, Blackberry, and Symbian operating systems and turn them into monitoring devices. NSO stated that Pegasus was created only for the government for the purpose of tracking terrorists and criminals. The developers have also pointed out that the spyware cannot be traced back to the government that used it. How the Pegasus Spyware Works In earlier versions of Pegasus, the spyware was installed on smartphones through vulnerabilities found in commonly used apps or via spear-phishing. Phishing attacks involved tricking targeted users into clicking a link or downloading a file that contains malware which would, in turn, install the spyware. Pegasus, just like any other spyware, has evolved. In 2019, Pegasus was installed on smartphones through a missed WhatsApp call or through sending a message to the targeted user’s phone without notification. The latest version of Pegasus does not require the smartphone to perform any action. An attacker just needs to find a vulnerable application on the device or the operating system of the device where a patch is not yet available (also known as a zero-click attack). What Information is Collected? Once installed on a smartphone, the spyware can steal videos, photos, messages, passwords, location, login credentials, notes, and more on your phone and send it back to the attacker. The spyware has the ability to activate the camera and microphone on your smartphone for real-time surveillance without the user knowing. Why Does Pegasus Target iPhones? iPhones have been the main target for the Pegasus spyware due to the fact that most of the Apple devices run on an identical environment. This means that there is a higher success rate for the Pegasus spyware to infect iPhones. Android devices can also be infected with the Pegasus spyware, however, the success rate is much lower due to the diversity of hardware and software. This makes it difficult to use one tool across all Android devices. How to Tell if the Pegasus Spyware is on Your Phone It is highly unlikely that a non-political person or a well-known public figure would be monitored by the Pegasus spyware but you will never know if you are infected. Therefore, the best way to determine if you have been infected is by using the . Amnesty International Mobile Verification Toolkit This tool can be used on Linux or MacOS and has the capability to examine the configuration and files on the mobile device and detect whether or not your phone has the Pegasus spyware installed on it. Raydacted posted on Twitter the detailed explanation and process of the tool. How to Protect Against the Pegasus Spyware Well, as mentioned in the previous section, there are steps that you can take to prevent the Pegasus spyware from being infiltrated onto your device. But you cannot completely avoid it. What you can do is protect yourself from the Pegasus spyware. The following is a list of items that you should do to limit the potential exposure to Pegasus and any other potential malware attacks. Make sure that your applications are up-to-date Ensure that the operating system on your device is up to date Users should not click on any links and download any attachments sent in email messages or text messages from unknown senders Avoid the use of public WiFi Make sure to encrypt the data on your device and to enable remote-wipe features if possible so that if for some reason your device is lost or stolen you know that your data is safe Pegasus Spyware Examples In July 2021, roughly 40 smartphones belonging to activists and journalists were successfully infected with the Pegasus spyware. In , attackers used the Pegasus Spyware to hack iPhones then blackmailed users into paying a ransom of 0.035 bitcoin or roughly $1,600. Pegasus tracked the victim’s “actions and captured recordings of them at of their lives”. So, if the ransom is not paid then they have threatened to release these recordings to the victim’s friends, family members, and business partners. The screenshot below shows what the attacker sent to the Pegasus spyware victim. August 2021 the most private moments Final Thoughts: Pegasus Spyware I hope after reading this article you have a better understanding of what the Pegasus spyware is and how it works. This spyware can infiltrate a smartphone without the user knowing, therefore, gaining access to everything on the user’s mobile device. Just like with any other cyber-attack, the Pegasus Spyware is not going away anytime soon.

Apple

Target

Twitter

6 Cybersecurity Best Practices for Remote Workers

Network Security 101: Everything You Need to Know

2021 - Top Security Expert

Nominated for 2022 - HackerNoon Contributor of the Year - Instagram

Nominated for 2022 - HackerNoon Contributor of the Year - Social Media

Nominated for 2022 - HackerNoon Contributor of the Year - Security

Nominated for 2022 - HackerNoon Contributor of the Year - Cyber Security Awareness

Nominated for 2022 - HackerNoon Contributor of the Year - Facebook

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

Pegasus Spyware: Here’s What You Need to Know

Pegasus Spyware: Here’s What You Need to Know

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

5 Common Identity and Access Management Security Risks

10 Pieces of Sci-Fi Armor We All Wish Were Real

10 Movie Tie-In Games That Were Actually Good

10 Most Anticipated Sci-fi Games of 2022 You Can’t Miss

10 Female Video Game Characters You Need to Know

5 Common Identity and Access Management Security Risks

10 Pieces of Sci-Fi Armor We All Wish Were Real

10 Movie Tie-In Games That Were Actually Good

10 Most Anticipated Sci-fi Games of 2022 You Can’t Miss

10 Female Video Game Characters You Need to Know

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps