What is Pegasus, the chosen tool for total surveillance? – Livemint

New Delhi: You have heard the name Pegasus by now. The spyware, developed by the Israel-based security company NSO Group Technologies, was used to hack and snoop on journalists, lawyers and activists in India, presumably by the government. What does Pegasus do? How does it work?

According to the spyware's product details, uploaded to DocumentCloud by Claudio Guarnieri, Head of Security Lab at Amnesty International, Pegasus is meant to infiltrate smartphones silently and do three things: collect historic data on the device, continuously monitor activity and transmit this data to a third party.

Other than Android and iOS systems, Pegasus can also penetrate Symbian and BlackBerry-based devices. The malware can infect devices via phishing text messages that trick users into clicking a particular link, through the over-the-air update system and more. In WhatsApp's case, it used a vulnerability in the app that allowed infection through missed video calls. This security gap was plugged by WhatsApp back in May this year.

The same was confirmed by WhatsApp's Global Head, Will Cathcart, through an op-ed in the Washington Post.

In all forms of installation, the spyware completes the process in the background, completely out of the user's notice. This, combined with the fact that Pegasus doesn't require the user's attention, is one of the reasons why the spyware is so dangerous and popular amongst security contractors.

The iOS version of this spyware was found first (in 2016), while it was revealed to be on Android too by security firm Lookout at the Security Analysts Summit, 2017. Chrysaor is the name assigned to the Android version of Pegasus by Google.

Lookout's technical analysis of Pegasus and the product document shared by Guarnieri both clarify one thing: WhatsApp isn't the only sufferer. Its reach spreads much beyond that. "As for surveillance, let's be clear: We're talking total surveillance," wrote security firm Kaspersky in a blog post.

Once on your phone, Pegasus has access to data that's already on your phone, including photos, videos, text messages, email apps, browsing history, contact list, location, files, other messaging apps (like Viber, Skype, Messenger) etc. It can also listen to you and sounds around you through the phone's microphones, record incoming and outgoing calls, capture screenshots and use the phone's camera to take photos.

Further, Pegasus doesn't transmit data when a smartphone is on roaming unless it's on WiFi. This is of course done to hide its tracks, since users might notice high data usage bills while roaming. Instead, the spyware collects and stores data on your phone in an encrypted buffer, waiting to transmit it once you're out of roaming. It does the same when the phone doesn't have an active Internet connection or is at under 5% battery.

To ensure you never find out, Pegasus is designed to never use more than 5% of the free space on your phone. So, if you have 10GB of free space, the malware will use only about 500MB at a time, something that's near impossible to detect on a smartphone, even if you're checking. Pegasus removes data on a first-in, first-out basis if it hasn't been able to transmit to its servers for a while.

NSO has created an "intuitive" front-end for users of Pegasus to parse through the data they gather. This allows operators of the programme to easily sift through the tonnes of data they might be getting through Pegasus.

Interestingly, there's no real way to avoid a Pegasus attack other than the regular best practices. Security experts have repeatedly advised against downloading suspicious files, clicking on unknown links etc., and those remain the best way to fight this malware.

Here are some of the famous surveillance programs:

RCSAndroid: An Android surveillance tool designed by the Milan-based company Hacking Team. It is a data collection tool sold to law enforcement and government agencies. It was disguised as a news app on the Play Store and somehow escaped Google's security scans.

DROPOUTJEEP: A program which was revealed to have been the go-to tool for the US National Security Agency (NSA), allowing it to compromise Apple's iPhones. It could access files on the device, read SMS texts, voicemail messages and more.

XKeyscore: The NSA, in its training material, called this its "widest reaching" system for gathering intelligence off the Internet. XKeyscore was amongst the programs revealed by whistleblower Edward Snowden.

Livestrong: An exploit used by the US Central Intelligence Agency (CIA) to compromise devices running on Android 4.4 KitKat, revealed by WikiLeaks as part of the famous Vault7 data dump.
