Pegasus Spyware Explained

Cybersecurity

A deep dive into the spyware technology that is helping governments track your every move

In 2020, Amnesty International and the Paris-based non-profit Forbidden Stories found a significant data leak consisting of a list of 50,000 phone numbers of politicians, journalists, business professionals and activists from various countries across the globe. The information was then passed along to a global consortium of 17 media organizations, coming together under the umbrella name “The Pegasus Project.”

These phone numbers were from over 45 different countries across the globe. The data leak also contained details of the time and date when the numbers were selected or entered onto a system. The consortium sifted through this data to identity who the numbers belonged to and why were they on the list. Based on their findings, Amnesty International then conducted a forensic examination on the devices which held the leaked phone numbers. This revealed that at least 10 countries including Hungary, India, United Arab Emirates and Mexico had been accessing the numbers. The forensic examination identified that the leaked numbers had been infected with Pegasus spyware developed by the Israeli cyber arms firm NSO Group.

Before getting alarmed that your privacy might be at stake, take a look at what the spyware is, how it works and how it can be detected.

What is Pegasus spyware?

Pegasus is a spyware that can be covertly installed on a user’s devices to read their text messages, track their location and collect their passwords among a host of other forms of surveillance.

NSO firm, the company behind the spyware, markets it as a tool to track criminals and terrorists. They claim that the spyware tool is meant for targeted spying, not mass surveillance. The firm charges government agencies a flat fee of US$500,000 for installing the tool.

NSO’s charges can vary depending on the number of devices the government agency wishes to spy on. It also charges an annual maintenance fee which is 17% of the initial costs incurred by the governments.

How does the spyware work?

Earlier versions of Pegasus had to be installed on smartphones through spearfishing techniques.  With this method, the user would be tricked into clicking a link or opening a document that secretly installs the spyware on their device.

Another way in which it used to attack devices was by using portable transceivers. These portable transceivers are devices that emulate legitimate cell towers and force smartphones within the area to connect to them.

In 2019, the spyware’s technology evolved further. Pegasus can now be installed on a user’s device with a missed call on WhatsApp. It can also delete this missed call notification from the user’s records, keeping them oblivious to its presence.

The latest version of the spyware uses zero-click hacks. Pegasus can now take advantage of the vulnerabilities of commonly used messaging applications like WhatsApp or iMessage to attack your device without making any form of contact with it. These applications receive and sort data from various sources regularly, which makes the applications an alluring target for hackers. A lack of direct contact with the device makes it impossible to know how and when the spyware entered the device.

How can you detect Pegasus?

Researchers at Amnesty International have developed a Mobile Verification Toolkit (MVT) to check whether your device has been infiltrated. The MVT works on both android and IOS devices but requires command-line knowledge to install. Unlike a standard app, you cannot just click on an icon to install it. The MVT needs to be compiled for a specific device that can only be achieved on Linux or Mac operating systems.

The MVT saves a copy of your phone’s data onto your computer and then checks whether any of it is infected with Pegasus. It specifically checks transfer data logs where the use of the spyware is easiest to trace. To put it simply, it checks whether any of your call logs or messages have been transferred to a third-party device.

What does this mean for the future?

Pegasus spyware and the analysis of its leaked data have sparked concerns over government surveillance. Government surveillance as a phenomenon predates spyware, with documented examples such as the Gestapo (Secret State Police) surveying the people of Nazi Germany.

What is concerning about Pegasus is the scale at which surveillance can now take place. The phone numbers of over 180 journalists from media organizations like Al Jazeera, The New York Times and CNN have been found in the data leaks.

What makes this even more concerning is that one of the names on the list was the Mexican freelance journalist Cecilio Pineda Birto. Birto was an experienced journalist, he covered crime social issues and corruptions through posts on his Facebook page Cecilio Pineda, Las Noticias al Instante (Cecilio Pineda: The Instant News). The consortium’s analysis shows that Birto’s number had been of interest to one of NCO’s Mexican clients in the weeks leading up to his murder.

NSO entirely denies all of the consortium’s claims, including its involvement with Birto. The firm says that it rigorously checks its customer’s human rights records before selling them the spyware. It has also come out with a transparency report with excerpts from its contracts specifying that customers must only use surveillance technology for criminal and national security investigations.

Nevertheless, the Israeli government has taken the matter into their own hands. They have set up an inquiry to check whether policy changes are required in surveillance tech exports. Their speedy response shows a glimmer of hope that the consortium’s analysis will prevent misuse of surveillance technology in the future.

Header image courtesy of Amnesty International

SHARE THIS STORY

Share on facebook
Share on twitter
Share on linkedin
Share on email

RELATED POSTS

Exploring Top Language Learning Apps of 2024 (Other Than Duolingo!)

As we usher in the new year, many of us are armed with resolutions, and often, topping our bucket list is the ambition to learn a new language. Yet, here’s the twist in the tale—our journey of mastering a foreign tongue is often fraught with lost tracks and dwindling motivation. What if I told you there’s a smoother path? The solution lies in your pocket: simply download a language-learning app. These digital tutors not only nudge you to keep up with your daily lessons but also offer the flexibility to master a new dialect on the go, anytime, anywhere.

Eightfold AI Joins Department of Commerce Initiative for AI Safety

Eightfold AI, an AI-driven talent solution company, has announced its involvement in a Department of Commerce initiative aimed at fostering the development and deployment of trustworthy and secure artificial intelligence (AI). This initiative, under the auspices of the National Institute of Standards and Technology (NIST), introduces the U.S. AI Safety Institute Consortium (AISIC). The consortium aims to unite a diverse group of stakeholders, encompassing AI developers, users, academia, government and industry experts and civil society bodies to advance the mission of safe and reliable AI.

What Are Shadow Boards in the Workplace? Pros and Cons

In today’s rapidly evolving business landscape, companies are constantly seeking innovative ways to maintain a competitive edge. An intriguing development in this arena is the emergence of “shadow boards”—dynamic groups within organizations designed to complement the official board of directors by offering fresh perspectives on critical business strategies. This article explores the role of shadow boards in the modern workplace and highlights their benefits, challenges and how they are shaping future business practices.

Anthropologie and Pinterest Unveiled 2024 Bridal Trends at NYC Pop-Up Event

Anthropologie Weddings, a bridal collection from the global lifestyle brand Anthropologie, in collaboration with AnthroLiving and Terrain, debuted the Anthropologie Weddings x Pinterest Trend Pop-Up. This event, developed in partnership with Pinterest, was designed to bring emerging bridal trends, as identified by Pinterest Predicts, into tangible experiences. Offering inspiration and early access to trends, the pop-up showcased bridal designs, décor and lifestyle options that could be personalized for unique wedding visions.

Hello Group Introduces inSpaze: An Immersive Social App for Apple Vision Pro

Hello Group Inc., a prominent mobile social entertainment provider in China, introduces its immersive social application, inSpaze, an immersive social application exclusively for Apple Vision Pro users in the United States. This application, crafted for visionOS, leverages advanced technologies like 3Ds, Reality Converter and Reality Composer Pro, offering a unique spatial computing experience that connects users worldwide through Spatial Audio and 3D interactive content.