Pegasus Spyware Explained

Cybersecurity

A deep dive into the spyware technology that is helping governments track your every move

In 2020, Amnesty International and the Paris-based non-profit Forbidden Stories found a significant data leak consisting of a list of 50,000 phone numbers of politicians, journalists, business professionals and activists from various countries across the globe. The information was then passed along to a global consortium of 17 media organizations, coming together under the umbrella name “The Pegasus Project.”

These phone numbers were from over 45 different countries across the globe. The data leak also contained details of the time and date when the numbers were selected or entered onto a system. The consortium sifted through this data to identify who the numbers belonged to and why they were on the list. Based on their findings, Amnesty International then conducted a forensic examination on the devices which held the leaked phone numbers. This revealed that at least 10 countries including Hungary, India, United Arab Emirates and Mexico had been accessing the numbers. The forensic examination identified that the leaked numbers had been infected with Pegasus spyware developed by the Israeli cyber arms firm NSO Group.

Before getting alarmed that your privacy might be at stake, take a look at what the spyware is, how it works and how it can be detected.

What is Pegasus spyware?

Pegasus is spyware that can be covertly installed on a user’s devices to read their text messages, track their location and collect their passwords, among a host of other forms of surveillance.

NSO Group, the company behind the spyware, markets it as a tool to track criminals and terrorists. It claims that the spyware tool is meant for targeted spying, not mass surveillance. The firm charges government agencies a flat fee of US$500,000 for installing the tool.

NSO’s charges can vary depending on the number of devices the government agency wishes to spy on. It also charges an annual maintenance fee which is 17% of the initial costs incurred by the governments.

How does the spyware work?

Earlier versions of Pegasus had to be installed on smartphones through spear-phishing techniques. With this method, the user would be tricked into clicking a link or opening a document that secretly installs the spyware on their device.

Another way in which it used to attack devices was by using portable transceivers. These portable transceivers are devices that emulate legitimate cell towers and force smartphones within the area to connect to them.

In 2019, the spyware’s technology evolved further. Pegasus can now be installed on a user’s device with a missed call on WhatsApp. It can also delete this missed call notification from the user’s records, keeping them oblivious to its presence.

The latest version of the spyware uses zero-click hacks. Pegasus can now take advantage of the vulnerabilities of commonly used messaging applications like WhatsApp or iMessage to attack your device without making any form of contact with it. These applications receive and sort data from various sources regularly, which makes the applications an alluring target for hackers. A lack of direct contact with the device makes it impossible to know how and when the spyware entered the device.

How can you detect Pegasus?

Researchers at Amnesty International have developed a Mobile Verification Toolkit (MVT) to check whether your device has been infiltrated. The MVT works on both Android and iOS devices but requires command-line knowledge to install. Unlike a standard app, you cannot just click on an icon to install it. The MVT needs to be compiled for a specific device, which can only be done on Linux or Mac operating systems.

The MVT saves a copy of your phone’s data onto your computer and then checks whether any of it is infected with Pegasus. It specifically checks transfer data logs where the use of the spyware is easiest to trace. To put it simply, it checks whether any of your call logs or messages have been transferred to a third-party device.
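A simplified illustration of this kind of check, added here and not taken from MVT or from this article: text records extracted from a backup are searched for URLs whose host matches a list of known-bad domains. The record layout, field names and `.example` domains are all constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed indicator list (placeholder domains, not real indicators).
INDICATORS = {"bad-infra.example", "tracker-cdn.example"}

# Constructed rows standing in for records extracted from a phone backup.
RECORDS = [
    {"source": "sms", "time": "2021-07-01T10:02:11Z",
     "text": "Your parcel is waiting: https://bad-infra.example/t/abc"},
    {"source": "browser_history", "time": "2021-07-01T11:15:40Z",
     "text": "https://news.example.org/story"},
    {"source": "sms", "time": "2021-07-02T08:30:05Z",
     "text": "see http://login.TRACKER-CDN.example./x now"},
    {"source": "browser_history", "time": "2021-07-02T09:00:00Z",
     "text": "https://notbad-infra.example/"},  # look-alike, must not match
]

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def extract_hosts(text):
    """Return the normalised hostname of every http(s) URL found in text."""
    hosts = []
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname  # urlsplit lower-cases the host
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            continue
        if host:
            hosts.append(host.rstrip("."))  # drop a trailing root dot
    return hosts

def match_indicator(host, indicators):
    """Match the indicator domain or any subdomain, never a bare suffix."""
    for ind in indicators:
        if host == ind or host.endswith("." + ind):
            return ind
    return None

def scan(records, indicators):
    """Return one (source, time, host, indicator) hit per matching URL."""
    hits = []
    for rec in records:
        for host in extract_hosts(rec["text"]):
            ind = match_indicator(host, indicators)
            if ind:
                hits.append((rec["source"], rec["time"], host, ind))
    return hits
```

Matching on the label boundary (`"." + ind`) is what keeps the look-alike host in the last record from producing a false positive.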

What does this mean for the future?

Pegasus spyware and the analysis of its leaked data have sparked concerns over government surveillance. Government surveillance as a phenomenon predates spyware, with documented examples such as the Gestapo (Secret State Police) surveilling the people of Nazi Germany.

What is concerning about Pegasus is the scale at which surveillance can now take place. The phone numbers of over 180 journalists from media organizations like Al Jazeera, The New York Times and CNN have been found in the data leaks.

What makes this even more concerning is that one of the names on the list was the Mexican freelance journalist Cecilio Pineda Birto. Birto was an experienced journalist who covered crime, social issues and corruption through posts on his Facebook page Cecilio Pineda, Las Noticias al Instante (Cecilio Pineda: The Instant News). The consortium’s analysis shows that Birto’s number had been of interest to one of NSO’s Mexican clients in the weeks leading up to his murder.

NSO entirely denies all of the consortium’s claims, including its involvement with Birto. The firm says that it rigorously checks its customers’ human rights records before selling them the spyware. It has also come out with a transparency report with excerpts from its contracts specifying that customers must only use surveillance technology for criminal and national security investigations.

Nevertheless, the Israeli government has taken the matter into its own hands. It has set up an inquiry to check whether policy changes are required in surveillance tech exports. Its speedy response shows a glimmer of hope that the consortium’s analysis will prevent misuse of surveillance technology in the future.

Header image courtesy of Amnesty International

Kamya Pandey
Kamya is a writer at Jumpstart. She is obsessed with podcasts, films, everything horror-related, and art.
