How does “Pegasus” spyware work to infiltrate victims’ phones?

كيف يعمل برنامج التجسس

Reports that a number of countries were using the Israeli “Pegasus” program to spy on phones provoked great reactions, especially as the program targeted activists, politicians, journalists and governments.

Press reports on the Israeli spy program reveal that governments have sought to monitor the phones of key party activists, journalists, corporate managers and politicians who have exploited the program.

How to hack “Pegasus” phones?

Researchers believe that early versions of the hacking software, first exposed in 2016, used text message booby-traps to install on target phones.

read more

He had to click on the link he received in the target message to download the spyware, but this limited the chances of a successful installation, especially with the caution of phone users against clicking on suspicious links.

In contrast, newer versions of Pegasus, developed by the Israeli company NSO Group, have exploited loopholes in a wide range of mobile applications.

In 2019, a WhatsApp messaging application filed a lawsuit against an Israeli company claiming that it used a so-called “zero-day vulnerability” in its operating system to install spyware on about 1,400 phones.

Once the target person is contacted via WhatsApp, Pegasus can secretly download it to their phone even if they do not answer the call.

Recently, it was reported that Pegasus has taken advantage of a vulnerability in Apple’s iMessage app, which provides automatic access to the one billion iPhones currently in use.

What does the program do after downloading?

Alan Woodward, a professor of cyber security at the University of Surrey in the UK, explains that Pegasus is probably one of the most efficient remote access tools.

“Think of it as holding your phone in someone else’s hands,” he said. “You can use this software to view victims’ phone and email messages, view their photos, listen to their calls, and track their location. Capture them with location and their phone cameras.”

The researcher confirms that the developers of Pegasus have changed all traces of the program “better with the time of concealment”, it is difficult to confirm whether a particular phone has been hacked, so it is not yet clear how many people there are. According to reports, their devices were hacked.

Amnesty International’s security lab, one of the organizations investigating Pegasus, said it had found traces of successful iPhone attacks, most recently this month.

Can the program be removed?

Since it is very difficult to tell if there is malware on your phone, depending on the version Pegasus installs itself on the phone’s hardware or its memory, it is also difficult to know for sure if it has been removed. If it is stored in memory, restarting the phone can theoretically destroy it, so those at risk of targeting entrepreneurs and politicians are advised to shut down their devices and restart them on a regular basis.

In this context, Woodward said, “It seems like an exaggeration for many … to look for antivirus programs available for mobile devices.”

He continued, “If you are at risk, you may need to install some antivirus software on your phone.”

An investigation released on Sunday revealed that “activists, journalists and politicians around the world have been targeted for spying with a malicious program for cell phones developed by the Israeli company NSO.”

“Military malware of the Israeli – based NSO group is being used to spy on journalists, human rights activists and political opponents,” the investigation said.

The Federation of 17 News Agencies has identified more than 1,000 individuals in 50 countries selected by NSO clients since 2016 for potential surveillance, including nearly 200 journalists.

Source: Agent

Leave a Reply

Your email address will not be published. Required fields are marked *