Context
Seventeen international media groups led the investigation into how Pegasus was used to allegedly extract messages and information from the phones of journalists, politicians, and activists.
- Telephone numbers of around 40 Indian journalists figure in a “leaked list of potential targets for surveillance”.
About the Pegasus Malware Attack
- The surveillance was carried out on users in 20 countries, “between in and around April 2019 and May 2019”.
- The surveillance was carried out by using a spyware tool called Pegasus that was developed by an Israeli firm, the NSO Group.
What is Pegasus?
- Pegasus is spyware that works by sending an exploit link.
- If the target user clicks on the link, the malware (the code that allows the surveillance) is installed on the user’s phone.
- Once Pegasus is installed, the attacker has complete access to the target’s phone.
- The first case of Pegasus’s spyware operations emerged in 2016, when Ahmed Mansoor, a human rights activist in the UAE, was targeted with an SMS link on his iPhone 6.
- Apple responded by releasing an update to “patch” or fix the issue.
- Pegasus delivers “a chain of zero-day exploits to penetrate the security features on the phone and installs Pegasus without the user’s knowledge or permission”.
“zero-day exploit”
- It is a completely unknown vulnerability. Even the software manufacturer is not aware of it, and there is, thus, no patch or fix available for it.
What can Pegasus do, once it gets installed?
- Pegasus can “send back the target’s private data, which includes passwords, contact lists, calendar events, text messages, and the live voice calls from popular mobile messaging apps”.
- It can also turn on the target’s phone camera and microphone, which can widen the scope of the surveillance.
- It can access password-protected devices. The spyware leaves no trace on the device, consumes minimal battery, memory, and data to not arouse suspicion in more alert users.
And how did Pegasus exploit WhatsApp?
- A missed call on the app was all that was needed to install the software on the device.
- No clicking on a misleading link was required.
Malware
It is the collective name for several malicious software variants that are designed to cause extensive damage to data and systems or to gain unauthorized access to a network.
Types of Malware:
Virus
- It is the most common type of malware. Viruses attach their malicious code to clean code and wait for an unsuspecting user or an automated process to execute them. They are usually contained within an executable file.
Worms
- Worms get their name from the way they infect systems. They start from one infected machine and weave their way through the network. They connect to consecutive machines to continue the spread of the infection.
Spyware
- Spyware is designed to spy on the user. It hides in the background on a computer and collects information, such as credit card details, passwords, and other sensitive information, without the user knowing.
Trojans
- This malware hides within or disguises itself as legitimate software. Acting discreetly, this malware breaches security by creating backdoors that give other malware variants easy access.
Ransomware
- This is also known as scareware. Ransomware comes with a heavy price. It can lock down networks and lock out users until a ransom is paid.