Earlier this week, there was a name in news, “Pegasus”. If you follow up news and stay updated with the current happenings around the world, you may have a slight idea about what actually “Pegasus” is and what it does. And, if not, and since you are here, I am going to explain everything about it, so you can understand why everyone was talking about it and should you be worried about the same or not.
Pegasus is in the spotlight for the alleged surveillance of some renowned personalities across the globe including India. These personalities include key journalists, politicians, businessmen, and activists. So, what is this Pegasus actually, and how it works, let’s get into the details of Pegasus.
What is Pegasus?
Pegasus is a spyware that is developed by Israel based NSO group. If you don’t even know what spyware is, well, it is kind of a malware or virus that enters your mobile or computer and gathers your personal data which is then sent to thrid-party in order to spy on you.
If we talk about Pegasus, as per NSO, it only provides the technology only to “authorized governments” that helps them “combat terror and crime”. Apart from the recent Pegasus Project, it gained a lot of attention back in 2019, when WhatsApp alleged it for exploiting a bug in the former’s code to infect more than 1400 phones.
Now, the spyware came to everyone’s attention again because the media claims that over 10 governments globally have been using this spyware to spy on their journalists, activists, and other key personalities.
How Pegasus can infect smartphones?
Pegasus can be installed on a phone through a malicious link in common apps, or by some other vulnerabilities in those apps. For example, the attacker may trick the target into clicking the link through SMS, iMessage, or WhatsApp.
Some reports even say that it can be installed even through a missed call on WhatsApp. Moreover, once it gets access to the device, it can even delete call logs. So, it is almost impossible for the targets to know that their phone was attacked by spyware.
Once installed, Pegasus can extract any data from the phone including SMS, Emails, WhatsApp chats, Photos & videos, GPS data, Calendar, and Contacts book, etc. It can also activate the Microphone, Camera, or record Calls. It can then transmit it all back to the attacker.
Can I detect Pegasus on my phone?
TechCrunch reports that researchers at Amnesty International have developed a tool that can let anyone detect if their smartphone has been infected by the Pegasus spyware. The tool, dubbed as Mobile Verification Toolkit (MVT), is available for free on Github.
However, this is not an easy process for everyone as it requires some software knowledge. Only those who are comfortable in typing commands can use the toolkit and find out if their phone has been infected by Pegasus.
How can Pegasus be detected on phones?
As mentioned above, you can detect this spyware with the help of this new tool. the tool researchers say that it can detect indicators of compromise (IOC) used by the Pegasus to infect the device. This Mobile Verification Toolkit is available for both Android as well as iPhone.
On iPhones, the toolkit can check the backup for the signs of IOC and read Pegasus-related domains which may appear in the backup. This way, it can confirm if the phone was infected.
On Android devices, the tool also checks the device backup for links to NSO Group’s domains sent via SMS. It also checks all apps if they have been compromised.
As already mentioned, the toolkit works on a command-line interface (CLI), which means a common user can not use the tool easily.
You can install the Mobil Verification Toolkit on your mobile by clicking this link.
What can I do to get rid of Pegasus?
Most cybersecurity experts say that the only way to get rid of Pegasus completely is to discard the infected device. According to Citizen Lab of the University of Toronto, one cannot get rid of this even by factory resetting the phone.
Thus, the only way to get rid of this spyware completely is to discard the phone. Also, it can continue to access your online accounts even after you discard the device, so make sure to change the passwords of all such services that you were using on the infected phone.
Should I be worried about Pegasus?
No. If you are not a top journalist, business leader, or someone who can have access to top secrets, you need not worry. Though one should always be worried about one’s digital privacy. However, not about this Pegasus, and there are reasons for saying so.
First, Pegasus is old spyware now and companies like WhatsApp, Apple, Google have already fixed the loopholes in their system that allowed it to enter devices and infect them. However, there might be new variants of Pegasus that can still be a potential risk.
Another reason why you should not worry is that Pegasus is really very expensive to purchase. Hence it is used mostly by governments and big companies. As per Economic Times, a single license of Pegasus can cost up to Rs. 70 lakhs. So, as evident, no one would invest such money in spying on just anyone.
This was all about Pegasus that you should basically know. Also, as mentioned above, you should not worry about this spyware as it is not intended for everyone.