paint-brush
Pegasus Spyware: Here’s What You Need to Knowby@jtruong
452 reads
452 reads

Pegasus Spyware: Here’s What You Need to Know

by Jessica TruongSeptember 14th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The German Federal Criminal Police Office (BKA) has owned the Pegasus spyware since 2019. The spyware is designed to invade devices that run Android, iOS, Blackberry and Symbian operating systems and turn them into monitoring devices. Once installed on a smartphone, the spyware can steal videos, photos, messages, passwords, location, login credentials, notes, and more on your phone and send it back to the attacker. The best way to determine if you have been infected is by using the Amnesty International Mobile Verification Toolkit.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Pegasus Spyware: Here’s What You Need to Know
Jessica Truong HackerNoon profile picture

Table of Contents:

  1. What is the Pegasus Spyware?
  2. How the Pegasus Spyware Works
  3. What Information is Collected?
  4. Why Does Pegasus Target iPhones?
  5. How to Tell if the Pegasus Spyware is on Your Phone
  6. How to Protect Against the Pegasus Spyware
  7. Pegasus Spyware Examples
  8. Final Thoughts: Pegasus Spyware

What is the Pegasus Spyware?

Pegasus is a spyware developed by an Israeli group called NSO however it has been recently revealed that the German Federal Criminal Police Office (BKA) has owned it since 2019. This spyware is licensed and marketed to government agencies all around the world. 

The spyware is like a keylogger, once it has been installed onto the target’s phone it has access to everything on the device and can send the data on the phone back to the government. The spyware is designed to invade devices that run Android, iOS, Blackberry, and Symbian operating systems and turn them into monitoring devices. 

NSO stated that Pegasus was created only for the government for the purpose of tracking terrorists and criminals. The developers have also pointed out that the spyware cannot be traced back to the government that used it.

How the Pegasus Spyware Works

In earlier versions of Pegasus, the spyware was installed on smartphones through vulnerabilities found in commonly used apps or via spear-phishing. Phishing attacks involved tricking targeted users into clicking a link or downloading a file that contains malware which would, in turn, install the spyware. Pegasus, just like any other spyware, has evolved.

In 2019, Pegasus was installed on smartphones through a missed WhatsApp call or through sending a message to the targeted user’s phone without notification. The latest version of Pegasus does not require the smartphone to perform any action. An attacker just needs to find a vulnerable application on the device or the operating system of the device where a patch is not yet available (also known as a zero-click attack). 

What Information is Collected?

Once installed on a smartphone, the spyware can steal videos, photos, messages, passwords, location, login credentials, notes, and more on your phone and send it back to the attacker. The spyware has the ability to activate the camera and microphone on your smartphone for real-time surveillance without the user knowing.

Why Does Pegasus Target iPhones? 

iPhones have been the main target for the Pegasus spyware due to the fact that most of the Apple devices run on an identical environment. This means that there is a higher success rate for the Pegasus spyware to infect iPhones. 

Android devices can also be infected with the Pegasus spyware, however, the success rate is much lower due to the diversity of hardware and software. This makes it difficult to use one tool across all Android devices. 

How to Tell if the Pegasus Spyware is on Your Phone

It is highly unlikely that a non-political person or a well-known public figure would be monitored by the Pegasus spyware but you will never know if you are infected. Therefore, the best way to determine if you have been infected is by using the Amnesty International Mobile Verification Toolkit.

This tool can be used on Linux or MacOS and has the capability to examine the configuration and files on the mobile device and detect whether or not your phone has the Pegasus spyware installed on it. Raydacted posted on Twitter the detailed explanation and process of the tool.


How to Protect Against the Pegasus Spyware

Well, as mentioned in the previous section, there are steps that you can take to prevent the Pegasus spyware from being infiltrated onto your device. But you cannot completely avoid it. What you can do is protect yourself from the Pegasus spyware.

The following is a list of items that you should do to limit the potential exposure to Pegasus and any other potential malware attacks.

  • Make sure that your applications are up-to-date
  • Ensure that the operating system on your device is up to date
  • Users should not click on any links and download any attachments sent in email messages or text messages from unknown senders
  • Avoid the use of public WiFi
  • Make sure to encrypt the data on your device and to enable remote-wipe features if possible so that if for some reason your device is lost or stolen you know that your data is safe

Pegasus Spyware Examples

In July 2021, roughly 40 smartphones belonging to activists and journalists were successfully infected with the Pegasus spyware. 

In August 2021, attackers used the Pegasus Spyware to hack iPhones then blackmailed users into paying a ransom of 0.035 bitcoin or roughly $1,600. Pegasus tracked the victim’s “actions and captured recordings of them at the most private moments of their lives”. So, if the ransom is not paid then they have threatened to release these recordings to the victim’s friends, family members, and business partners. The screenshot below shows what the attacker sent to the Pegasus spyware victim.

Final Thoughts: Pegasus Spyware

I hope after reading this article you have a better understanding of what the Pegasus spyware is and how it works. This spyware can infiltrate a smartphone without the user knowing, therefore, gaining access to everything on the user’s mobile device. Just like with any other cyber-attack, the Pegasus Spyware is not going away anytime soon.