Pegasus Spy Software : How it works

TNI Bureau:  Pegasus has made the news once more. In India, the last time we heard about it was in 2019, when certain WhatsApp users, including journalists and activists, received messages from WhatsApp claiming that Pegasus had hacked their phones. Although, one might argue that the Pegasus malware was never truly forgotten. It appears to be used so often by various countries across the world that there are stories of a phone being hacked using it practically every few months.

A number of major news outlets, including the Guardian and the Washington Post, released details of what they dubbed worldwide monitoring operations involving Pegasus on Sunday evening. The surveillance is said to be aimed at journalists, including more than 40 in India, activists, and other public personalities. According to the claims, Pegasus malware is being used to spy on people by over ten nations, including India. However, in a response to the Guardian, the nation did not explicitly deny deploying Pegasus.

In a statement to the Guardian, NSO Group described the research, dubbed The Pegasus Project, as an attempt to malign the company on spurious grounds.

What is Pegasus?

Pegasus is a spyware programme created by NSO Group, an Israeli firm that specialises in “cyber weapons.” It initially made headlines in 2016, when an Arab activist became suspicious after receiving a threatening message. Pegasus was thought to be targeting iPhone users. Apple published an upgraded version of iOS a few days after it was discovered, reportedly patching the security flaw that Pegasus was exploiting to hack phones. Pegasus, however, was discovered to be similarly capable of infecting Android phones a year later by security experts.

More information and security updates trickled in. After that, in 2019, Facebook sued NSO Group for developing Pegasus. Pegasus was being pursued by Facebook security experts throughout their networks, and they discovered that the programme had been used to infect numerous journalists and activists in India. This was also the moment when WhatsApp sent a message to the impacted Indian users.

It’s important mentioning that the NSO Group has verified Pegasus’ existence. The Israeli firm has stated, however, that it only offers the tools to governments and that it is not liable for their misuse.

How does Pegasus hack a phone?

One of the reasons why Pegasus is so well-liked by people who use it is because of its ability to hack into phones. The phone hacking is nearly undetectable, and the user is unaware that their device has been hacked.

When a hacker discovers a phone that needs to be hacked, they send the targeted person a malicious website link, which, if clicked, installs Pegasus on the phone. It may also be deployed via a security flaw in voice calls conducted through apps such as WhatsApp. In fact, this call technique is so powerful and hidden that Pegasus might be installed on the phone just by making a missed call to the user. The call log item would be deleted after the programme was loaded, so the user would not be aware of the missed call.

What is Pegasus capable of?

Pegasus can possibly spy on the targeted person totally and comprehensively once it is installed on the phone. Pegasus had access to even encrypted communications, such as those sent over WhatsApp. Pegasus can read messages, track calls, follow user activity within applications, acquire location data, access video cameras in phones, and listen through their microphones, according to security experts.