Thursday, October 31, 2019

Pegasus malware explained: All you need to know about the spyware affecting high profile targets

In recent times spyware has become quite a threat to society and information stored on your smartphones is under an even greater threat than before.

A representation image of the Pegasus spyware by Kaspersky.

A representation image of the Pegasus spyware by Kaspersky.

Isreali company NSO, whose bread and butter is developing spyware, has been put in the limelight the past couple of days for allegedly using WhatsApp to snoop around several high-profile individuals in many countries including India. The word Pegasus keeps cropping up in association with NSO and the spying that the company is doing.

What is Pegasus?

Pegasus is a modular malware that can initiate total surveillance on the targeted device, says a report by digital security company Kaspersky.  It installs the necessary modules to read the user’s messages and mail, listen to calls, send back the browser history and more, which basically means taking control of nearly all aspects of your digital life. It can even listen in to encrypted audio and text files on your device that makes all the data on your device up for grabs.

It was first discovered to Ahmed Mansoor, a UAE human rights activist, who happened to be one of its targets. He received several suspicious SMS' on his device containing what he believed to be malicious links. He sent these messages to security experts from Citizen Lab, who along with another cybersecurity firm called Lookout confirmed the existence of Pegasus and also called it the most sophisticated malware currently in existence.

So how can we detect if our device has been infected with Pegasus? As per the report, that is not an easy task to do as the malware tries to hide quite diligently. It will self-delete if it does not hear from the command server for more than 60 days, or if it detects that it has been downloaded on the wrong device.

Are both Android and iOS devices affected?

Researchers from Lookout revealed that Pegasus exists not only for iOS but for Android as well. For the latter, the malware has been dubbed Chrysaor and it is quite similar to Pegasus, which attacks only iOS devices, but different in terms of the techniques it uses to penetrate the device.

The report states that for iOS users, Pegasus relies on three zero-day (previously unknown) vulnerabilities which could be used to remotely jailbreak the device. A zero-day vulnerability means that the developers or software experts have just learned about the flaw and as such, there is no security patch to prevent the flaw. For Android, Chrysaor does not rely on a zero-day vulnerability but instead uses a sophisticated rooting method called Framaroot to install surveillance on the target device.

Is your device safe?

Learning about the Pegasus vulnerability, Apple has immediately issued a security update (9.3.5) that patched all three of the aforementioned vulnerabilities. Google has notified directly to all those Android users who have been affected by Pegasus and it is in the process of issuing a patch for the issue.



from Firstpost Tech Latest News https://ift.tt/2Wv30Hy

No comments:

Post a Comment