Pegasus Spyware — The Mystery Exposed
Attack & Mitigation
WhatsApp filed a lawsuit against NSO in a U.S. federal court, alleging that the Israeli group had targeted WhatsApp users and is seeking a permanent injunction banning NSO from using its service. These allegations were denied by the developing company and they claimed that the sole purpose the company was to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime.
As per The Hindu — An Indian Daily Newspaper, In July and August 2016, there were multiple attempts on a Mexican citizen to infect his phone with Pegasus by sending repeated messages that were emotionally stirring. These messages claimed various things such as his daughter had met with an accident with a link to the hospital she was admitted to, or that his wife was cheating on him with a link to a supposedly leaked photo.
Pegasus is said to be around for about five years and it is no ordinary spyware. This spyware has been attributed to the NSO Group, an Israeli company whose core business is developing spyware. Traditionally, Pegasus works by sending a link, and if the target user clicks on it, it is installed on the user’s device. Once installed, it begins to contact control servers which allow it to relay commands so one can gather data from the infected device. It has the potential to steal your passwords, contacts, text messages, calendar info, as well as voice calls made through messaging apps. The threat doesn’t stop here, as it can even let the hacker have access to your phone’s camera, microphone and GPS to track locations. Basically, it can track and spy on every aspect of the target’s life. Kaspersky Daily claims that Pegasus can listen to encrypted audio streams and read encrypted messages because of its keylogging and audio recording capabilities. The other interesting fact about this spyware is that it tries to hide itself. The malware also self-destructs if there is no communication with its command-and-control (C&C) server for more than 60 days, or if it is installed on the wrong device or wrong SIM card.
In a report by Citizen Lab which conducted investigations on several cases of Pegasus infections around the world, including India, reported in its research social engineering was a common tactic used in achieving its spying goal.
Steps to mitigate such attack:
1: Always keep your devices updated with the latest security patches released by the Operating system developers such as iOS or Android
2: Use state of the art ATP applications for device security.
3: Be aware and diligent to social engineering attacks or phishing attacks. Don’t click or download anything which is not scanned by the ATP.
4 : Most importantly, Using proprietary applications. Using common or free applications can easily increase the chances of one becoming a prey. Using proprietary apps can drastically decrease the spying threats because they are niche in nature.
To conclude, If you are a common man and have nothing to hide, then you don’t need to worry about the spying threats. But if you are carrying any confidential information or are in a role which requires secretive discussions and that it can’t be disclosed to any private or government agency, then following the above recommendations should help you go a long way.
#Spyware #Whatsapp #Pegasus #NSOGroup #Surveillance #Privacy #India #Payments #CyberSecurity #Mitigation #Malware #MobilePhonesMalware #Spying #AdreyPost
Copyright © 2019 Adrey Consultancy. All rights reserved.