PEGASUS




Developed by the Israeli cyber-warfare vendor NSO Group, Pegasus spyware was designed to be installed on phones without the target's knowledge. The Pegasus attack has been the most sophisticated smartphone attack to date in the history of cyber-attacks.
Recently the spyware targeted 1400 civil rights activists, lawyers and journalists across the globe, including in India. Pegasus can attack 50 phones in just one go. It is used by many governments to combat terror-related activities.


HOW IT WORKS?
Pegasus used, or rather reverse engineered, the messaging app WhatsApp and developed a program that copied WhatsApp network traffic to target devices.

Zero Day Attacks
The spyware exploits vulnerable software. These attacks require no interaction from the user; instead, they reach the target in the form of a call from an unknown number, and the number disappears from the call log, leaving no record of a missed call.

Spear Phishing Attacks
Attackers create tailor-made messages that are sent to specific targets. These messages convey a sense of urgency and contain a link or a document that purports to be from a local news outlet or an embassy; opening it leads to installation of the spyware on the phone.
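
A triage sketch for the three message traits described above (urgency, a link, and a claimed news or embassy sender), added here as an example and not part of the original post. The sender names, domains, urgency phrases and sample messages are all constructed placeholders.

```python
import re
from urllib.parse import urlparse

# Constructed allowlist: claimed sender -> domains it really uses (placeholders).
CLAIMED_SENDERS = {
    "embassy": {"embassy.example.org"},
    "daily news": {"dailynews.example.com"},
}
URGENCY = re.compile(r"\b(urgent|immediately|final notice|within 24 hours|act now)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed sample messages, not real traffic.
SAMPLES = [
    "URGENT: Embassy notice, your visa is on hold. Confirm within 24 hours: "
    "http://embassy.example.org.visa-check.example.net/confirm",
    "Daily News: today's headlines at https://www.dailynews.example.com/today",
    "Running late, see you at 6.",
]

def link_hosts(text):
    """Return the lower-cased hostname of every http(s) link in the message."""
    hosts = []
    for raw in URL.findall(text):
        host = urlparse(raw.rstrip(".,)")).hostname
        if host:
            hosts.append(host.lower())
    return hosts

def host_allowed(host, allowed):
    """True if host is an allowed domain or a subdomain of one (label-boundary match)."""
    return any(host == d or host.endswith("." + d) for d in allowed)

def triage(text):
    """Score one message against the three traits; return (score, reasons)."""
    reasons = []
    hosts = link_hosts(text)
    if hosts:
        reasons.append("contains link")
    if URGENCY.search(text):
        reasons.append("urgency wording")
    lowered = text.lower()
    for name, allowed in CLAIMED_SENDERS.items():
        # A trusted name at the start of a hostname is not enough; the registered end must match.
        if name in lowered and any(not host_allowed(h, allowed) for h in hosts):
            reasons.append(f"claims '{name}' but links elsewhere")
    return len(reasons), reasons

if __name__ == "__main__":
    for msg in SAMPLES:
        print(triage(msg), msg[:40])
```

The first sample scores on all three traits because its hostname only begins with the embassy domain; the second links to a genuine subdomain of the claimed sender and is flagged only for carrying a link.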



THE VULNERABILITIES IT CREATES
It generally generates 3 types of vulnerabilities in its targeted devices:
  1. CVE-2016-4655: Information leak in the kernel – A kernel base mapping vulnerability that leaks information to the attacker, allowing them to calculate the kernel’s location in memory.
  2. CVE-2016-4656: Kernel memory corruption leading to jailbreak – 32- and 64-bit iOS kernel-level vulnerabilities that allow the attacker to secretly jailbreak the device and install surveillance software - details in reference.
  3. CVE-2016-4657: Memory corruption in WebKit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.



HOW IT THREATENS YOUR PRIVACY
It includes reading text messages, tracking calls, and collecting passwords from the target device. It can also remotely activate the camera and microphone to surveil the target and their surroundings.

It is interesting to note that they survive reboots and even factory resets of the operating system. They can only be detected by tech experts.

Measures one must take if they believe they have been targeted
· Stop using the device.
· Log out of all accounts and unlink from all devices.
· From a different device, change all your passwords.
· Seek digital security advice.


