All you need to know about the Pegasus scandal & how you can prevent it
Did you know that NSO Group software Pegasus can record your calls, copy your messages and even secretly film you without you even KNOWING it?
And that’s exactly what some 50000 journalists, activists, along with business executives and heads of state are dealing with it right now. Here is all you need to know about the Pegasus scandal.
And the reason is Pegasus
Possibly be the most powerful spyware ever designed by a private company to put your phone under surveillance, without you noticing it. Yes, you read that right.
It can easily copy the messages that you send or receive on your smartphone, and also it can harvest your photos and record your calls. This may seem strange but it might secretly film you through your phone’s camera, or activate the microphone to record your every conversation with you even touching it. It can also potentially pinpoint where you are, where you’ve been, and who you’ve met. So, basically, your privacy will no longer be yours.
Pegasus which is known to be a hacking software – or spyware is created, marketed and licensed to multiple governments around the world by an Israeli private company NSO Group. According to multiple researches conducted on this hacking software, it was revealed that it has the capability to infect billions of phones running either on iOS or Android operating systems.
The alleged victims of Pegasus spyware who were under the surveillance according to a consortium of investigation:
180 Journalists from all over the world
Arab Royal Family Members
Over 60 Business Executives
600+ Politicians and Government Officials
85 – 90 Human Activists
50000 Phone Numbers Leaked
The countries which are named in the reports were found to be using Pegasus against journalists, activists and opposition leaders are- Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, United Arab Emirates (UAE) and India.
How the Pegasus revelations came into the picture?
Amnesty International’s is a Berlin-based Security Lab, in partnership with France-based media non-profit organisation Forbidden Stories, performed forensics analyses on the targeted phones which revealed successful infections.
NSO Group, the company which designed this technology said, “We (NSO Group) believe that claims that you have been provided with, are based on a misleading interpretation of leaked data from basic information, such as HLR Lookup services, which have no bearing on the list of the customers’ targets of Pegasus or any other NSO products.”
It further added, “Such services are openly available to anyone, anywhere, and anytime, and are commonly used by governmental agencies as well as by private companies worldwide. It is also beyond dispute that the data has nothing to do with surveillance or with NSO, so there can be no factual basis to suggest that a user of the data somehow equates to surveillance.”
NSO’s software was in the headlines in 2019 when WhatsApp revealed that software created by NSO had been used to send malware to over 1,400 phones by exploiting a zero-day vulnerability. The allegations also revealed that by simply placing a call on WhatsApp, a malicious Pegasus code may get into your phone, even if the target never answered the WhatsApp call.
Recent allegations included that NSO exploited vulnerabilities in Apple’s iMessage by giving it backdoor access to hundreds of millions of iPhones for which Apple said that they always update their software to prevent such attacks.
Claudio Guarnieri, an Expert who runs Amnesty International’s Berlin-based Security Lab also conducted research on Pegasus scandal revealing that said that “Things are getting a lot more complicated for the targets to observe and for the companies like NSO, exploiting in-build software or application such as iMessage, or which is widely used, like WhatsApp, is especially attractive, as it unarguably increases the number of mobile phones Pegasus can successfully attack.
Successful Attacks on Apple’s iPhones
In the latest report from Amnesty’s lab, it was revealed the traces of potential attacks by Pegasus customers on iPhones running up-to-date versions of Apple’s iOS where some attacks were even carried out as recently as July 2021.
“When an Apple iPhone is compromised, it’s executed in such a way that lets the attacker obtain so-called root privileges, information, or administrative privileges, on the device. This hacking software (Pegasus) can do more than what an owner of the device can even imagine.
Guarnieri further added, “Google regularly warns its (Android) users that they are being targeted by “multiple government-based attackers,” & it is sending out “over 12,000 warnings to users from 149 countries.”
The Targets or Potential Targets for Surveillance
According to The Wire, it is confirmed that journalists from The Wire, The Indian Express, Hindustan Times, The Hindu and news agency Press Trust of India (PTI) were either targets or potential targets for surveillance based on the facts from the forensic analysis conducted on the phones of journalists which showed traces of hacking infection by Pegasus.
According to Forbidden Stories, it had accessed a leaked database of 50,000 numbers who may have been targeted for surveillance which includes journalists, heads of state, professors, political personalities, activists, lawyers along with journalists and even students.
Israeli company NSO Group says that their advanced spyware is only sold to “vetted governments”, so it is evident to assume that these individuals were targets or potential targets of government or military agencies for that matter.
How to find out if your phone is under surveillance or infected with spyware?
An application is designed by the researchers at Amnesty International to help users identify if their phone was infected by the spyware.
Mobile Verification Toolkit built for both iOS (Apple OS) and Android (Google OS) to simplify the process of acquiring and analyzing data & records from Android & iOS devices to identify potential traces of compromise.
According to researchers, it was also revealed that more forensic traces accessible to investigators were on Apple iOS (devices known for superb system security) than on Android devices and as a result, many recent cases which were confirmed Pegasus infections have involved Apple iPhones.