Pegasus spyware is a highly sophisticated and controversial piece of software developed by the Israeli cyber-arms company NSO Group.
Remote Installation: Pegasus can be installed on mobile phones (both Android and iOS) without any user interaction, often through zero-click exploits.
Extensive Data Collection: Once installed, it can access and exfiltrate a vast amount of data, including:
Text messages and emails
Photos and videos
Contact lists
Calendar entries
GPS location data
Call logs
App data and passwords
Audio and Video Recording: Pegasus can even activate a phone's microphone and camera to capture audio and video recordings discreetly.
Evasion Techniques: It employs sophisticated techniques to remain undetected by antivirus software and anti-forensic tools.
Amnesty International
Amnesty International is a non-governmental organization focused on human rights.
Founded in 1961, it's known for its research and activism in promoting human rights globally.
Mission: To campaign for a world where every person enjoys all of the human rights enshrined in the Universal Declaration of Human Rights and other international human rights instruments.
Vision: A world where all human rights are respected and protected.
Research and Investigations: Amnesty International conducts in-depth research on human rights abuses around the world, documenting violations and campaigning for justice.
Advocacy and Campaigning: The organization lobbies governments and international bodies to adopt and enforce human rights laws, and mobilizes its supporters to take action on specific human rights issues.
Public Education: Amnesty International raises awareness about human rights through public education campaigns, publications, and events.
Latest allegations about Pegasus’ use?
After Apple issued a security notification to certain iPhone users, including MPs, in October, researchers at Amnesty International’s Security Lab analysed the allegedly infected devices.
At the end of their examination, they reported finding traces of Pegasus’s activity on their respective devices.
Security Lab concluded that a message to facilitate a “zero-click exploit” had been sent to Mr. Mangnale’s phone over his iPhone’s iMessage app on August 23.
The message was designed to covertly install Pegasus on the device. “The attempted targeting of Anand Mangnale’s phone happened at a time when he was working on a story about an alleged stock manipulation by a large multinational conglomerate in India,” an Amnesty report stated.
What is Israeli company NSO’s response regarding the matter?
The Washington Post quoted a statement from the Israeli company NSO, which makes and distributes Pegasus, as saying that it again that all of them are vetted law enforcement and intelligence agencies that licence our technologies for the sole purpose of fighting.
What mechanisms were used by the spyware?
Pegasus spyware employed a range of sophisticated mechanisms to target and infect devices, some specific to the phone's operating system (Android or iOS).
Once installed, Pegasus utilized various mechanisms to gather data and maintain stealth.
Rootkit techniques: These techniques allowed Pegasus to hide its processes and files from traditional detection methods.
Keylogging: Pegasus could record everything typed on the device, including passwords and sensitive information.
Screen recording and screenshots: The spyware could capture screenshots and record the phone's screen, providing visual intelligence on the user's activities.
Microphone and camera access: Pegasus could remotely activate the phone's microphone and camera, enabling audio and video surveillance.
What is a zero-click exploit?
A zero-click exploit refers to malicious software that allows spyware to be installed on a device without the device owner’s consent.
More importantly, it doesn’t require the device owner to perform any actions to initiate or complete the installation.
The specific exploit allegedly in use on the two devices is called BLASTPASS.
It plays out in two phases.
In the first, the attack attempts to establish a link with Apple HomeKit, which gives users a way to control multiple smart devices, on the target’s device.
In the second, some malicious content is sent via the iMessage app to the target.
“The two-stage attack process seen in this case is similar to the previous PWNYOURHOME Pegasus attack vector described by Citizen Lab.”