PEGASUS! This name has become a topic of discussion in recent times. There is a hue and cry about Pegasus spyware everywhere. It has been developed by a private company and is probably the most powerful spyware ever made. With the help of this spyware, the hacker can record messages, photos and even calls on the user’s phone. It can target any operating system including Apple’s iOS and Android.
Day-to-day development in the field of science and technology may have contributed in improving human life significantly, but its horrific side effects also can not be denied. Problems like hacking, data breaches, online frauds, and cyberattacks are on their peak these days which are a big threat to the whole world.
In this article, we are going to discuss one such online threat which is Pegasus spyware. You might have several questions in your mind like what this spyware is, who are the people behind it, how it works, and how it attack the victims to steal their data? After covering all such questions, we will also discuss some security tips to protect yourself from being a victim of this dangerous spyware.
What is Pegasus and who created it?
Pegasus is a hacking software or spyware, developed by the Israeli company named NSO Group. It can easily affect smartphones running on any operating system including iOS and Android. All spyware does what the name suggests – they spy on people through their phones.
In Pegasus spyware, the attacker sends a link to the victim’s phone and if the victim clicks on the link, malware or a code allowing surveillance is installed on their phone. It is being told that the new version of the malware does not even require clicking on a link.
Once Pegasus is installed, the attacker has complete access to the user’s phone. This spyware puts your phone under 24×7 surveillance and track your every activity. It will send your call recordings, location, SMS messages, photos, videos and other personal data to the hacker.
What’s even more dangerous about Pegasus spyware is that it can record video from your phone and keep an eye on you in real-time. All this was done in the background without even letting the victim know that he is being spied.
What is NSO group?
NSO Group is a cyber security company that specializes in ‘surveillance technology’ and claims to help governments and law enforcement agencies around the world fight crime and terrorism. It is an Israeli-based company which was founded in 2010.
NSO has never revealed who they work with but according to reports, they have around 60 clients in 40 countries ranging from intelligence to military and law-enforcement agencies. However, NSO Groups does not reveal the identity of any of them, citing client confidentiality.
Responding to an earlier lawsuit by WhatsApp in California, NSO Group had said that Pegasus is only used by sovereign governments or their entities in other countries. How deep the roots of this group are and at what scale it can target people is still a matter of discussion.
How Pegasus spyware works?
The hacker will send Pegasus to the victim’s phone through a phishing link. When the user click on this phishing link, the Pegasus starts downloading to their device without the person’s knowledge. Once downloaded, it sets up a connection to the hacker’s command computer.
The hacker then contacts Pegasus spyware with the help of a remote command center and then the real game of information exchange begins. Pegasus can extract every information and data from the victim’s phone. Even the encrypted messages and audios can be read and heard.
According to the reports, Pegasus can steal user’s personal data including passwords, contact lists, calendar events, text messages and live voice calls. The spyware has access to the camera and microphone so it can also record real-time activities of the victim, expanding the range of surveillance.
According to the statement given by Facebook in court, this malware can access emails, SMS messages, location updates, network details, device settings and browsing history data. All this happens without the knowledge of the user and leaving no trace on the device.
Pegasus spyware is smart enough to have minimal battery usage, memory and data consumption so as not to cause any doubt in the user’s mind that something fishy is happening in the background. In case of any risk, Pegasus has the ability to self-uninstall, revoke its access from the system, and restore back again.
What is the price of pegasus spyware?
The cost of using spyware like Pegasus is very high. A report published by The New York Times in 2016 stated that NSO charges government agencies $500,000 (about Rs 3.7 crore) to install Pegasus on the victim’s device. Additionally, it charges $650,000 for spying on 10 iPhone or Android users, $500,000 for five Blackberry users, and $300,000 for five Symbian users.
How Pegasus took advantage of WhatsApp?
A report in May 2019 stated that a missed call was required on the app to install the Pegasus spyware on the device, which is easier said than done clicking on a deceptive link. WhatsApp later explained that Pegasus had taken advantage of the video/voice call function on the app, which had a zero-day security flaw.
Facebook-owned WhatsApp is the most popular messaging app in the world. It has over 2 billion users worldwide. About a quarter of those users, around 500 million, are in India. WhatsApp is run by almost every smartphone user, so that this malware can be installed on the phone of the desired person easily. That’s the reason why WhatsApp is the most-widely used medium for targeting people to install Pegasus on their devices.
What does the Government of India have to say?
The government has said that there is no solid basis or any truth related to the allegations of government surveillance on the people. Earlier too, similar allegations were made by the Indian government regarding the use of Pegasus on WhatsApp. Those reports also had no factual basis. It was then categorically denied by all parties, including WhatsApp’s rebuttal in the Supreme Court of India. Similarly, the media reports also appears to be based on conjecture and exaggeration to defame Indian democracy and its institutions.
How to protect yourself from Pegasus spyware
Now let’s discuss about some security tips to protect yourself from Pegasus spyware. Once this spyware is installed on a smartphone, a person is left with no other option but to replace his/her device. Those affected are advised to use the new device and change the passwords of all important accounts like social media accounts, e-mail accounts, internet banking etc. immediately.
By taking a few simple steps, we can keep our devices safe from malware like Pegasus. Here are some useful tips you should always keep in your mind:
- Don’t click on any suspicious link or email from the unknown sender before verifying its authenticity.
- Don’t pick up suspicious calls on WhatsApp from unknown numbers. As we have already discussed, Pegasus is mostly sent to the victim via WhatsApp.
- Use anti-spyware software on your device and make sure to update it regularly.
- When searching for any information on the Internet, always click on trusted websites.
- Keep your phone updated to the latest version.
- Make sure to log out of internet banking or any important account after completing your task. Don’t use the public Wi-Fi to do banking transactions.
- Monitor your data usage regularly and keep an eye on unnecessary or suspicious traffic. Often spyware works in the background to send data from the victim’s phone to the hacker.
- Create strong passwords and don’t use your personal information such as your date of birth or name. Keep a combination of letters, numbers and special characters in the password. Also, use a different password for each account
- Don’t install apps from unknown sources and don’t give unnecessary permissions to any app. Make sure that the app you are installing is trusted.
Although Pegasus spyware mainly targets influential people like ministers, military generals, celebrities, company executives, government officials, etc., but ordinary people can also be the target of many other spyware and malware. For more security tips, you can check out our guide on how to protect yourself from online fraud.
Frequently asked questions
iOS is considered as the most secure mobile operating system which is developed by the world’s most renowned company Apple. You might be surprised to know that Pegasus spyware can also target iOS devices easily. If you have an iPhone, you can also be a victim of this spyware.
It is technically very hard to detect the presence of Pegasus spyware on your device but if you are noticing unusual activities such as more data usage and battery usage, you can deploy the Mobile Verification Toolkit (MVT). This is a terminal-based tool which can detect Pegasus on both iOS and Android, however, you need to learn how to use it properly.
It has been found that Pegasus can’t be detected even by some of the most reputed anti-virus or anti-spyware software in the market. The way Pegasus exploits the system is still a mystery to the developers. It is smart enough to hide itself from the antivirus applications.
No, you will not find it anywhere on the Internet. It is made available on-demand to the government officials and law-enforcement agencies only. General public can’t use this spyware to spy on their loved ones.
Restarting will temporarily disable Pegasus but it can’t remove it permanently. It is also believed that you can not get rid of this spyware even by factory reset method. In such a situation, the only option left is to change your smartphone.
The digital world is as dangerous as it is convenient. You never know when your phone has been hacked and you are being monitored. Pegasus has emerged as the most powerful spyware in the history of the hacking world. At last, we would like to tell you just one thing that you can avoid yourself from being a victim of these spyware only if you are aware of them. We hope that you have got all the information about Pegasus from this article. Don’t forget to share it with your friends and family on social media and let them be aware of this spyware as well.