CYBER SECURITY

What is Pegasus?

July 22, 2021
VINAY CHANDEL
Pegasus is a type of malicious software or malware classified as a spyware. It is developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that current Pegasus software is able to exploit all recent iOS versions up to iOS 14.6.
According to the Washington Post and other prominent media sources, Pegasus not only allows keystroke monitoring of all communications from a phone (SMS, email, web searches), but also allows phone calls and location to be tracked while the NSO Group is both on the microphone as well as appropriating the camera of the cell phone and making it a constant monitoring device.

How Do You Know If You Have Been Affected?

Pegasus spyware is almost impossible to detect. According to a report in the Financial Times, a phone can be infected with Pegasus simply by calling it on WhatsApp. The user doesn’t even have to answer the call and the phone is still infected. You can also send it via email and SMS. 
Pegasus is a sophisticated spyware that has some self-destruct and anti-forensic features that make it difficult to detect, even if it is later uninstalled, leaves no trace and there is no way to tell if the device has been affected. 
Your phone has not shown any lags or visible signs of being infected with Pegasus. 
Since WhatsApp filed a lawsuit against the NSO Group, it has also become known that Facebook’s own messaging platform has information about affected users, although it has not been confirmed exactly how many users are affected. 
Additionally, WhatsApp has sent alert messages to the list of affected users asking them to update to the latest version of the application. So far, the WhatsApp message is the only visible indicator that lets you know if your phone is affected.

What can Pegasus do?

Image source: Pegasus product description

Pegasus allows the controller to access the phone’s microphone and camera. Pegasus contact control servers enables it to send commands and collect information from the infected device. It Steals passwords, contacts, text messages and accessing the phone’s camera, microphone, GPS,  files and pictures. Even it can read encrypted messages and e-mails, but there is uncertainty as to whether it can tamper with other applications on the phone.
According to Citizen Lab of University of Toronto, “This malware is designed to steer clear of forensic analysis, keep away from detection through anti-virus software, and may be deactivated and eliminated through operators remotely.” 

What to Do If Your Phone Is Affected by Pegasus?

  • You can update the System or Apps in your Phone but many security experts and analysts have said that the only way to get rid of Pegasus completely is to discard of the affected phone. 
  • After replacing the device, make sure that all installed applications are up to date and have the latest version of software. 
  • According to Citizen Lab, resetting the phone to factory settings does not remove the Pegasus spyware either. It allows attackers to continue accessing your online accounts even after your device is no longer infected. 
  • You can use a premium Antivirus because these Cyber Security companies gives quick updates on new threats.
  • To keep your online accounts secure, you will also need to change the passwords for any cloud-based applications and services that you have used on the infected device.
Source:

Wikipedia

Leave a Reply

Your email address will not be published. Required fields are marked *