Pegasus Spyware: Explained! (2021)
This article explains what the Pegasus spyware is and answers some of the most burning questions you might have about it. Read on to learn everything about what Pegasus is.
What Is the Pegasus Spyware?
Before we discuss everything about Pegasus, let’s first learn what exactly spyware is. Simply put, spyware is unwanted malicious software that helps attackers infiltrate various devices and steal information from them. The specific type of data stolen (be it personal files, bank account details, passwords, chat messages, and more) depends on what spyware it is and the intent of whoever installed it on the target device. Spyware can be installed on multiple devices, often without the victim even knowing about it.
Created by an Israeli private surveillance company called the NSO Group, Pegasus is a very sophisticated piece of spyware that has the capacity to infiltrate the target’s devices easily and extract almost any piece of information it wants. The Pegasus spyware is marketed and provided to governments around the world. The company claims that the intent of the spyware is to prevent any malicious attacks and keep a close watch on suspicious people. However, the recent flurry of data leaks has revealed that various governments used Pegasus to spy on individuals for whom such surveillance was not warranted. This type of nefarious use of the software has kicked up quite a controversy, and users are now worried about their own device’s security. Now that you have a better idea of what this nasty spyware is, find out how Pegasus works and transmits your private data to the government in the section below.
How Does Pegasus Spyware Infect Your Phone?
One of the things that has people worried about their cybersecurity is how easily and efficiently the Pegasus spyware works. Before the recent leak back in 2019, Pegasus used multiple methods to worm its way into the phones of various individuals. The spyware has since become even stronger and notably uses the following methods to gain access to a target’s phone. The first method involves a compromised website link that the victim is fooled into clicking. Once done, Pegasus is automatically installed on the device in the background, without the user’s knowledge. The second method involves the intricate use of zero-day vulnerabilities, which are bugs in an app or a phone’s operating system that the companies don’t even know about yet. Exploiting WhatsApp’s zero-day vulnerability, the Pegasus spyware made its way onto devices through a simple WhatsApp call made to the target’s phone.
The targets didn’t even have to receive the WhatsApp call for the spyware to infect their device. A missed call to their phone number was enough, and the spyware could get to work, stealing data right away. Moreover, Pegasus automatically deleted the call log entry of that specific call, so the target would not even know a call took place at all. WhatsApp has since patched the issue. When it comes to the Apple ecosystem, Pegasus spyware recently began exploiting zero-day vulnerabilities in Apple’s iMessage. This gives Pegasus access to many phones across the world to run on and collect data from.
What All Data Does It Collect?
The extent of data the Pegasus spyware collects is frighteningly vast. Once installed on the victim’s device, Pegasus may have total control over the phone, including root privileges. Using this extensive control, the spyware can collect a plethora of information and do things even the user cannot. However, that is not where this spyware stops. Aside from copying any and all of the messages you send or receive, Pegasus spyware can do the following:
- monitor and record calls
- make a clone of your entire contacts
- extract your entire photo gallery
- turn on your device’s microphone and camera without your consent and record your conversations and movements from anywhere.
Since the spyware acts like a complete malware that runs rampant, there is no telling as to how much information it is capable of collecting and sending back to whoever is in control. However, from what we know and what is out there, we can definitely say that the scope of information stolen by the Pegasus spyware is huge.
What Platforms Does Pegasus Spyware Target?
The prime targets of Pegasus spyware attacks are iPhone and Android devices. However, that is not to say this is a definitive list. You can probably install Pegasus on older Symbian and Blackberry devices, along with phones running out-of-date operating systems. Recent reports by researchers at Amnesty have found that the iOS ecosystem can be infiltrated by Pegasus using zero-click exploits in Apple’s mobile operating system. This method requires no interaction from the user and is almost non-traceable. Citizen Lab researcher Bill Marczak recently mentioned that Apple devices with iOS versions as recent as iOS 14.6 are prone to zero-click iMessage exploits. Malicious actors can use these loopholes to install Pegasus on your device.
— Bill Marczak (@billmarczak) July 18, 2021
It is especially worrying considering the speed at which Pegasus has been catching up with the latest Android and iOS operating systems. Does this mean no one is actually safe from the grip of Pegasus? If so, how dangerous is the spyware to your privacy?
Is the Pegasus Spyware Dangerous?
As for the severity of Pegasus in general, there’s no doubt that the much-talked-about spyware is really dangerous. The prime principle behind this spyware is to gather as much information as it can on the selected individuals and send it back to NSO’s clients. It is up to the perpetrators to decide what they do with the stolen data. Spyware is rarely spread around devices with good intent, so it is safe to assume that individuals appearing in the recent Pegasus spyware leak are targets of a dangerous scheme.
Is My Device Vulnerable to Spyware Attacks?
Your Android or iOS phone, along with almost everyone else’s device, is vulnerable to the Pegasus spyware. However, that’s not a huge cause for concern since the spyware deployed by NSO’s clients focuses on high-profile individuals. NSO’s clients target them for one reason or another, be it national security or some propaganda. While everyday smartphone users, whether Android or iPhone, are at risk of being infected by Pegasus, it is unlikely that your phone is among the list of leaked users targeted. There might be specially designed devices out there that are immune to the Pegasus spyware attacks, but that is conjecture at best.
How to Check If My Device Is Infected by Pegasus Spyware?
While the ways to detect if your device is infected by the Pegasus spyware are severely limited, there might be a method you can use. The researchers at Amnesty International have published a toolkit that may help users scan their own phones. Known as the Mobile Verification Toolkit or MVT for short, the toolkit can partially detect traces of the Pegasus spyware on iPhone and Android. MVT does that by taking a full backup of the device in question and then scanning it for any indicators of compromise (IOC) used by NSO to deliver Pegasus. After scanning the backup file, MVT will output several files and clearly mention if traces of Pegasus were detected in any of them. The toolkit scans Android phones using a similar approach. MVT will scan an Android device’s backup for text messages with links to sites that have been used by NSO, the company behind Pegasus. Now, using MVT is an intricate process best suited for users who know how to use file structures and command terminals. If you think you are up to the task, you can go ahead and download the Mobile Verification Toolkit files from GitHub. However, be aware that you will also need the above-discussed Amnesty’s Indicators of Compromise, which you can get from the attached link. Check out MVT’s documentation to get a better idea of how to go about the process and check if your device is affected by Pegasus or not.
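The indicator-matching step described above, sketched as an added example (not MVT's own code and not from the original article): it reads domain indicators from a STIX2-style bundle and flags text messages whose links point at those domains or their subdomains. The bundle layout, the message records and the .example domains are constructed for illustration, and the function names are hypothetical.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed STIX2-style bundle; the domains are placeholders, not real indicators.
SAMPLE_BUNDLE = json.dumps({"type": "bundle", "objects": [
    {"type": "indicator", "pattern": "[domain-name:value='tracker-one.example']"},
    {"type": "indicator", "pattern": "[domain-name:value='cdn.update-check.example']"},
    {"type": "malware", "name": "placeholder"},  # non-indicator objects are skipped
]})

# Constructed SMS records in the shape a backup parser might emit (assumption).
SAMPLE_SMS = [
    {"id": 1, "text": "Lunch at 1? https://maps.example.org/p/42"},
    {"id": 2, "text": "Your parcel: http://Tracker-One.example/x?id=9"},
    {"id": 4, "text": "Update now https://a.cdn.update-check.example./go"},
    {"id": 5, "text": "https://nottracker-one.example/ looks similar"},
]

DOMAIN_PATTERN = re.compile(r"\[domain-name:value\s*=\s*'([^']+)'\]")
URL_PATTERN = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def load_domain_indicators(bundle_text):
    """Return the set of lower-cased domains named by indicator objects."""
    domains = set()
    for obj in json.loads(bundle_text).get("objects", []):
        if obj.get("type") == "indicator":
            found = DOMAIN_PATTERN.findall(obj.get("pattern", ""))
            domains.update(d.lower().rstrip(".") for d in found)
    return domains

def matching_indicator(url, domains):
    """Return the indicator a URL's host equals or is a subdomain of, else None."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    # Compare on label boundaries so "nottracker-one.example" does not match.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in domains:
            return ".".join(labels[i:])
    return None

def scan_messages(messages, domains):
    """Return (message id, url, indicator) for every link that hits an indicator."""
    hits = []
    for msg in messages:
        for url in URL_PATTERN.findall(msg["text"]):
            indicator = matching_indicator(url, domains)
            if indicator:
                hits.append((msg["id"], url, indicator))
    return hits
```

A hit only shows that a message carried a link to a listed domain; it does not by itself show the link was opened or that the device was compromised.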
How Do I Get Rid of Pegasus Spyware?
You can’t, at least not completely. From what we know of the Pegasus spyware, for now, it is impossible to wipe every trace of it from your phone. If you think your device has been compromised, we suggest wiping all your existing data and doing a factory reset. However, be aware that even doing that may not completely get rid of this nasty spyware. According to multiple security experts and the information available, the only way to completely rid yourself of the Pegasus spyware is to discard the infected phone and get a new one. Furthermore, make sure that all the apps on the new phone are up to date and that you change the passwords of all the cloud storage accounts you own. We realize this sounds tedious, but unfortunately, it’s the only way you can get rid of this spyware completely.
How Can I Protect Myself from This Spyware?
There are a couple of good practices you can follow to stay safe from Pegasus or, for that matter, other malicious software.
1. Keep Your Phone and Apps Up-to-Date
Make sure to upgrade your smartphone’s operating system to the latest version. We say this because companies regularly roll out security updates to patch a variety of bugs and zero-day exploits. Moreover, make sure to regularly update all the apps on your Android and iOS device to their latest version so that you have the best protection possible. Also, be aware of these dangerous Android apps that you should never install.
2. Use Antimalware/Antivirus Software
Antimalware is a program that helps combat various types of malware and other malicious programs that are present across the internet. Antimalware deals with everything from the most common malware, including viruses, to more complex threats like rootkits, keyloggers, and certain types of spyware. While we doubt antimalware will be able to detect and remove the Pegasus spyware, for now, it is still good practice to install one. Check out these best Antivirus apps for Android. iPhone users should also remain careful and learn how to keep an iPhone malware-free.
3. Be Wary of Unknown Links
As we have already discussed above, one of the prime ways Pegasus can find its way onto your phone is through a compromised website link. Therefore, always make sure you can trust the website before you click the link. If a friend has sent it along, perhaps it’s better to ask them where they got it before you eagerly
4. Monitor App Permissions
While you won’t see the Pegasus spyware just hanging around like an app, it could be embedded inside any or every app like WhatsApp, Mail, Instagram, and more. So make sure to keep an eye on the permissions an app is using.
Both Android and iOS devices now show privacy indicators to tell you when an app is accessing the microphone or camera. They can tell you when some app is using permissions, even when it doesn’t need to. If you are not using the latest version of Android, you can get the Android 12 Privacy Dashboard or the Access Dots app to bring similar functionality to your older Android device.
1. Can a VPN (Virtual Private Network) Protect Me from Pegasus Spyware?
Answer: Unfortunately, it cannot. The Pegasus spyware is not limited to any specific geolocation parameters and instead relies on being embedded in the phone itself. No matter which location you change your VPN to, the data on your phone is still prone to be copied by Pegasus. However, you can practice proper online safety by watching which websites you visit.
2. Will Turning off My Phone Stop Pegasus Attack?
Answer: Again, the answer is no. It won’t. For this specific method to work, you need to know exactly when the Pegasus spyware burrows its way into your phone’s files. Currently, there is no software or tool that acts as a firewall for Pegasus. Hence, you have no way of knowing when exactly to turn off your phone to stop it. Furthermore, the data transmission rate of the Pegasus spyware is not known. Hence, all your data could be copied before you even get a chance to learn the spyware is there.
3. Should I Change My Phone Number Just to Be Sure?
Answer: If you strongly believe you have been a target of the Pegasus spyware, yes, you can go ahead and change your phone number. But, it won’t help eliminate the spyware. So be sure to also get a new smartphone when you get a new number since the spyware is usually present inside the device itself.
4. Why Doesn’t WhatsApp Stop Pegasus?
Answer: This is because messengers like WhatsApp provide end-to-end encryption, which is focused on encrypting messages from the time they leave your friend’s device until they land on your phone. However, the Pegasus spyware relies on an endpoint attack that starts stealing your personal data after it has landed on your phone. So, imagine a person leaning over your shoulder to read your messages. This is what Pegasus does but on a much more subtle and larger scale.
5. Who Made the Pegasus Spyware Exactly?
Answer: The organization behind the Pegasus spyware is a private company named the NSO Group. Based in Israel, the company is a leading maker of spyware. The NSO Group was founded in 2010 and the Pegasus spyware is the company’s flagship product.
Stay Safe from the Pegasus Spyware
The recent investigation has shown Pegasus is still very much active across smartphone devices and could target more people in the future. Furthermore, since private firms like NSO are chasing profit, we are likely to see more spyware upgrades to target operating systems like Windows and Mac. We recommend being proactive and checking out these best antivirus packages for your Mac and safeguarding it. Moreover, if you don’t want a heavy antivirus on your computer, check out these best portable antivirus software for Windows. What do you think about this Pegasus spyware? Let us know in the comments below.