Pegasus Spyware: Flying Through The Air

 Hundreds of millions of people can't imagine life without their smartphones. Almost every aspect of their daily lives, from the most mundane to the most intimate, is within easy reach and hearing distance of their smartphones. Only few people realize that their phones may be used as surveillance devices, with someone hundreds of miles away secretly extracting their messages, photographs, and location while also activating their microphone and recording them in real time. Such capabilities are present in Pegasus, a spyware produced by NSO Group, an Israeli maker of mass surveillance weapons.

What is Pegasus?

Pegasus is a hacking software – or spyware – that is developed, marketed and licensed to governments around the world by the Israeli company NSO Group. It has the capability to infect billions of phones using either iOS or Android operating systems. The spyware is named after Pegasus, the white winged horse from Greek mythology. It is named so because it "flies through the air" to infect cell phones and turn them into surveillance devices.

It's the alias for what's arguably the most potent piece of spyware ever created - at least by a private firm. It can convert your mobile into a monitoring device once it has landed in your phone. It can record calls, copy messages, extract photos, record your video, tap your location- where you are, what you’re doing, who you have met. According to the researchers the initial versions of the spyware used a technique called spear-phishing to infect targets mobile. Spearphishing is done by sending text messages or emails that deceive a target into clicking on a malicious link. However, since 2016 NSO has advanced it’s attacking capabilities. The Pegasus spyware now does not require any target interaction that means that the spyware can infect a device without any interaction with the user of the device through “zero-click “attacks. Even though the parent company of Pegasus NSO released a statement insisting that only carefully vetted government intelligence and law enforcement agencies can use Pegasus, and only to penetrate the phones of “legitimate criminal or terror group targets” well to some part it is true as Mexican government did capture the drug lord El Chappo using Pegasus spyware. Doesn’t it sound amazing that a software can round up all the terrorists and criminals of the world. That the entire world would become a better place because of this spyware.

The Pegasus Scandal

Even though the Pegasus software was developed to penetrate the phones of “legitimate criminal or terror group targets” but it wasn’t used in same sense. The software was discovered in 2016 after a failed attempt of installation on the iPhone of a human right activist which led to an investigation revealing details about the spyware. This led to a large media coverage as it was called “The Most Sophisticated” cyberattack. On August 23, 2020, according to intelligence obtained by the Israeli newspaper Haaretz, NSO Group sold Pegasus spyware software for hundreds of millions of US dollars to the United Arab Emirates and the other Gulf States, for surveillance of anti-regime activists, journalists, and political leaders from rival nations. The Saudi Arabian government used this spyware into the phone of the wife of Washington post reporter Jamal khashoggi before his death not only that but the Mexican government spied on a Mexican journalist using the spyware, who exposed several corruption scams in Mexico. Later, this journalist was murdered.

In July 2021, forbidden story with the technical help of Amnesty international team revealed 50,000 phone numbers “leaked list”, these are the phone numbers of the people who have been spied or are potential targets to be spied in the future. Only 1000 phone numbers have been identified some of the phones were sent for forensic examination some people agreed while some did not. Forbidden stories also identified NSO clients in 11 nations. Which are India, Togo, Rwanda, UAE, Saudi Arabia, Hungary, Mexico, Morocco, Bahrain, Kazakhstan, Azerbaijan. Of the names on the list most were journalist, activists, lawyers, business executives, academics, in fact the head of states like Emmanuel macron which is why he changed his phone. There were names of 300 Indians in the list who were spied between 2017-2019. One of the most recognizable name in the list is Rahul Gandhi accompanied by two of his close advisors. Second biggest name in the list is Prashant Kishore who is an election strategist. And many bigger names, relatives of people in power or the advisors like Vasundhara raje’s secretary, Senior CBI officer Rakesh Asthana, Former CBI Director Ashok Verma, former election commissioner Ashok Lavasa. Most of the opposition and independent media asked for a supreme court lead investigation. Even though the Indian media is framing it as an international plot to defame the government of India. Whereas in other countries like Algeria, France, Hungary, Israel had already initiated a probe to investigate. 

Should you be afraid? 

Now the question is should you be afraid of the Pegasus software? Well as from the blog you must have noticed that the people targeted are high profile people, journalists and people with power. Also installing Pegasus spyware on just 10 devices costs millions of dollars. So on a personal level no you should not be afraid of it but a network level you should be as all of your data is on the internet and the governments are willing to spend money if they want information about anything be it about the opposition, activists or even the commoners just to keep them under surveillance and record their activities. If you want to protect your device from Pegasus spyware (which is currently impossible) or any malicious attacks on your device on a personal level, you can use a VPN or browsers like Tor, brave, chromium or use search engines like duckduckgo, startpage, searX.