PEGASUS
Developed by the Israeli cyber warfare vendor NSO Group, Pegasus spyware was designed to be installed on phones without the target's knowledge. The Pegasus attack has been the most sophisticated smartphone attack to date in the history of cyber-attacks.
Recently the spyware has targeted 1400 civil rights activists, lawyers and journalists across the globe, including in India. Pegasus can attack 50 phones at a time in just one go. It is used by many governments to combat terror-related activities.
HOW IT WORKS?
Pegasus used, or rather reverse engineered, the messaging app WhatsApp and developed a program that copied WhatsApp network traffic to target devices.
Zero Day Attacks
The spyware exploits vulnerable software. These attacks require no interaction from the user; instead, they reach the target in the form of a call from an unknown number, and the number then disappears from the call log, leaving no record of a missed call.
Spear Phishing Attacks
Attackers create tailor-made messages that are sent to specific targets. These messages convey a sense of urgency and contain a link or a document that purports to be from local news or an embassy; opening it leads to installation of the spyware on the phone.
THE VULNERABILITIES IT CREATES
It generally generates 3 types of vulnerabilities in the devices it targets:
- CVE-2016-4655: Information leak in Kernel – A kernel base mapping vulnerability that leaks information to the attacker, allowing them to calculate the kernel's location in memory.
- CVE-2016-4656: Kernel Memory corruption leads to Jailbreak – 32- and 64-bit iOS kernel-level vulnerabilities that allow the attacker to secretly jailbreak the device and install surveillance software - details in reference.
- CVE-2016-4657: Memory corruption in the WebKit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.
HOW IT THREATENS YOUR PRIVACY
It includes reading text messages, tracking calls, and collecting passwords from the target device. It can also remotely activate your camera and microphones to surveil the target and their surroundings.
Interestingly, the infections survive reboots and factory resets of the operating system. They can only be detected by tech experts.
Measures one must take if they believe they have been targeted
· Stop using the device.
· Log out of all accounts and unlink them from all devices.
· From a different device, change all your passwords.
· Seek digital security advice.