
How does Israeli spyware company Pegasus target mobile phones?


Avoiding Pegasus is not merely difficult, it is impossible: even if the user does nothing, the phone can be hacked by the attacker's Pegasus spyware.

Mumbai: The Israeli company NSO Group, also known as Q Cyber Technologies, is gaining traction in the mobile phone spy devices market. The company also launched Pegasus, also known as Q Suite, as one of the most effective cyber intelligence solutions in the world.

Its potential clients included law enforcement and intelligence agencies. Pegasus spyware, developed by Israel's experienced spy agencies, made it possible to collect data remotely from any mobile device.

Until the beginning of 2018, NSO Group customers relied on SMS or WhatsApp messages to achieve their goals. They sent enigmatic links in these messages, and through those links the spyware was installed on the phone. In the Pegasus literature, such a message is referred to as an Enhanced Social Engineering Message (ESEM). When having this enigmatic link

When the ESEM is clicked, the phone connects to a server, which checks the phone's operating system and sends it the matching spy software. Amnesty International first described the network injection technique in its October 2019 report. This technique made it possible for the attacker to insert spyware into a device even if the target took no action.

Pegasus carried out this work in various ways. In the over-the-air option, a push message carrying the spyware was sent to the target, who does not even know that spyware has been installed on the phone. This set Pegasus apart from other spyware available on the market, a difference that NSO Group itself publicized.

What devices can Pegasus spyware penetrate?

In this case, it is easier to ask which devices it cannot penetrate. It is largely inserted into Apple's iPhone through the default iMessage app and the push notification service (APN).

The spyware takes the form of an app that is downloaded and transmits itself through Apple's servers. The existence of Pegasus was reported to cybersecurity firm Lookout in August 2016 by the Citizen Lab at the University of Toronto.

Both were warned by Apple to be at risk. In April 2017, Lookout and Google released details about the Android version of Pegasus. In October 2019, WhatsApp said its video calling feature was being used by NSO Group to install spyware.

WhatsApp chief Will Cathcart said the phone rang as soon as the user received a video call, and the attacker secretly installed the spyware on the phone. The user did not even have to answer the call. A Citizen Lab report in December 2020 revealed how government operatives hacked 37 phones using Pegasus.

These 37 phones belonged to reporters, creators, anchors and executives at Al-Jazeera. Journalists from London-based Al-Arabi TV were also targeted. During July-August 2020, spyware was inserted into their iPhones using a flaw in iOS 13.5.1. However, these attacks did not work on iOS 14 and later.

Does the spyware always succeed in getting onto the target device?

This is often the case, but if the user takes certain precautions, the spyware will fail. Usually the attacker only needs a phone number to know where to send the network injection, because everything else is done automatically by the system. In most cases the spyware is installed successfully.

However, in some cases network injection may not work. For example, this happens when the target device is not supported by the NSO system, or when the operating system has been upgraded and is therefore more secure. Another way to beat Pegasus is to change your phone's default browser.

This is because, according to Pegasus, the system cannot insert spyware through any browser other than the device's default browser. In such a case the installation does not take place and a predefined simple webpage appears. Even then, the user does not know that an attempt to insert spyware into the phone has failed. If all else fails, Pegasus inserts its spyware in less than five minutes.

What information can be stolen from you?

Once the spyware is installed, the phone becomes a digital spy under the attacker's control. Pegasus communicates with the attacker's command and control (CNC) server, to which it sends all user information, including private data such as passwords, contact lists, live voice calls (including end-to-end encrypted calls made through messaging apps) and calendar events.

The attacker also takes control of the phone's camera and microphone via Pegasus and uses the phone's GPS function to track the user. Pegasus sends data to the Apache server only at certain times so that the user does not become suspicious. The spyware is designed so that it is not caught even by forensic analysis or antivirus detection. The attacker can, of course, deactivate or remove it when needed.



This post first appeared on 24x7 Breaking NEWS.
