What is Pegasus Security Breach?

What is Pegasus Security Breach?

What is pegasus security breach, cybersecurity, Pegasus spyware

What is Pegasus Security Breach all about?   Pegasus is spyware created by NSO Group, an Israel-based company specializing in so-called “cyber weapons.” The group is named after 1st letter of names of founders Niv , Shalev & Omri.  It initially made headlines in 2016, when an Arab activist became suspicious after receiving a threatening message. Pegasus was believed to be aimed towards iPhone users. A few days after the security weakness was discovered, Apple released an updated version of iOS, ostensibly addressing the security flaw that Pegasus was used to hack phones. Pegasus, however, was discovered to be similarly capable of infecting Android phones a year later by security researchers. More information and security fixes trickled in. After that, in 2019, Facebook sued NSO Group for inventing Pegasus. Facebook security researchers across their networks were pursuing Pegasus, and they discovered that the software had been used to infect multiple journalists and activists in India. This was also the time when WhatsApp sent a message to the affected Indian users. However, it’s essential mentioning that the NSO Group has confirmed Pegasus’ existence. However, the Israeli firm has stated that it only offers the tools to governments and that it is not liable for their misuse.  

How does Pegasus breaches into a phone?

One of the reasons why Pegasus is so well-liked by people who use it is its ability to hack into phones. The phone hacking is practically undetectable, and the user is unaware that their device has been hacked. When a hacker wants to hack any phone, then they send the targeted person a malicious website link, which, if clicked, installs Pegasus on the phone. It can also be introduced via a security flaw in voice calls conducted through apps such as WhatsApp. This call method is so powerful and hidden that Pegasus might be installed on the phone by making a missed call to the user. The call log item would be deleted once the program was loaded, so the user would not be aware of the missed call.  

Why is Pegasus harmful, and what it can do?

Pegasus can potentially spy on the targeted person entirely and extensively once it is installed on the phone. Pegasus had access to even encrypted chats, such as those sent through WhatsApp. According to security researchers, Pegasus can read messages, track calls, follow user activity within apps, gather location data, access video cameras in phones, and listen through their microphones. Pegasus is a type of malware that is modular. It installs the necessary modules to read the user’s messages and mail, listen to calls, record screenshots, log pressed keys, exfiltrate browsing history, contacts, and so on after scanning the target’s device. It can monitor every element of the target’s life. Pegasus could also listen to encrypted audio streams and read encrypted messages, indicating that it took messages before they were encrypted, thanks to its keylogging and audio recording capabilities (and, for incoming messages, after decryption). Another noteworthy aspect about Pegasus is that it makes a concerted effort to conceal itself. If the spyware can’t communicate with its command-and-control server for more than 60 days or detects that it was placed on the wrong device with the wrong SIM card, the virus self-destructs.  

Is Pegasus effective these days?

In terms of the classic Pegasus, it is no longer as helpful as it previously was. The present hype surrounding it stems from its previous exploits rather than its current ones. When the information became public, Apple released an update to iOS 9 to close the flaws that the malware was exploiting to get access to an iPhone. When the details of Pegasus’s attack on WhatsApp and Android were made public, Google and WhatsApp quickly corrected the security flaws that Pegasus was exploiting. Also, if you have an iPhone running iOS 14 or an Android phone with the latest version of essential apps like WhatsApp loaded, you won’t have to worry about vintage Pegasus. However, this does not imply that your phone is un-hackable. There is no such thing as a hack-proof computer or phone. Pegasus infects devices by exploiting zero-day security flaws. This means they use security flaws in phones, laptops, and apps that even Google, Apple, Facebook, and other corporations are unaware of. However, NSO Group still exists and can roll out an upgraded version of Pegasus or other spyware that the general public is unaware of. Classic Pegasus, on the other hand, is not anything to be concerned about in 2021. It’s also worth noting that a spyware tool like Pegasus is highly costly. The cost is in millions of dollars, and only large corporations or governments can afford it. In truth, NSO Group has previously stated that it solely sells software to governments of about 45 countries and after taking permission from Israeli government. Pegasus-like gadgets aren’t meant for mass monitoring. They’re utilized to spy on specific people or groups like terrorism cells. So, unless you feel a government or a powerful organization has a purpose of monitoring you, you shouldn’t be concerned about Pegasus.  

About SNS

Secure Network Solutions India (SNS) provides a quantifiable, risk-based approach to build cybersecurity for corporates based on globally recognized frameworks and standards. We have been protecting businesses since last 20 years! Write to us at [email protected] image source- bar and bench  

Loading

Leave a Reply

Your email address will not be published. Required fields are marked *

one × two =

Related Post

Open chat
1
Click for Chat
Hello
Can we help you?