What is Pegasus software and how does it infect your device

Pegasus is spyware that infects devices and spies on the victim by transferring data to a master server in an unauthorized manner. It is built and marketed by the Israeli company NSO.

 

Pegasus first made its presence known in 2019, when several journalists and activists were notified that their phones had been infected by the spyware.

Pegasus is again at the centre of a global collaborative investigative project. According to the latest reports, it emerged on Sunday, July 18, that documents acquired and evaluated by an international media collaboration showed a list of phone numbers that are claimed to have been potentially targeted for surveillance by an unidentified agency using the Pegasus software. The report stated that over 40 journalists in India were targeted, along with a few other public figures such as politicians and activists.

It is important to understand the software, its history and how it can hack into your smartphone and completely compromise your information. It is reported that Pegasus can infect a device connected to the internet without the target’s engagement or knowledge.

Pegasus can carry out such zero-click installations in various ways. One over-the-air (OTA) option is to covertly send a push message that makes the target device load the spyware, with the target unaware of the installation, over which they have no control anyway.

Pegasus can infect all devices. iPhones have been its major target. The spyware can impersonate an application downloaded to an iPhone and transmit itself as push notifications via Apple’s servers.

In October 2019, WhatsApp complained that the NSO Group had exploited a vulnerability in its video-calling feature. WhatsApp chief Will Cathcart said, “A user would receive what appeared to be a video call, but this was not a normal call. After the phone rang, the attacker secretly transmitted malicious code in an effort to infect the victim’s phone with spyware. The person did not even have to answer the call.”

Usually, an attacker needs to feed the Pegasus system with just the target phone number for a network injection. “The rest is done automatically by the system,” stated a Pegasus brochure, and the spyware is installed in most cases. In some cases, network injections may not work. For example, remote installation fails when the target device is not supported by the NSO system, or when its operating system has been upgraded with new security protections.

A phone becomes a digital spy under the attacker’s complete control once it is infected by the software. Upon installation, Pegasus gains access to the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls (even those via end-to-end-encrypted messaging apps). The attacker can also control the phone’s camera and microphone, and use the GPS function to track a target.

One can prevent the malicious effects of Pegasus by changing one’s default phone browser. According to a Pegasus brochure, “installation from browsers other than the device default and also Chrome for Android-based devices is not supported by the system”.

The best thing one can do is to regularly install the operating system updates and security patches released by device manufacturers. Moreover, changing handsets periodically is perhaps the most effective solution.
