Pegasus was developed by the Tel Aviv, Israel-based cyber intelligence and security firm NSO Group. Pegasus spyware is also known as Q Suite and Trident.
It is the name for perhaps the most powerful piece of spyware ever developed – certainly by a private company. Once it has wormed its way onto your phone, without you noticing, it can turn into a 24-hour surveillance device. It can copy messages you send or receive, harvest your photos and record your calls. It might secretly film you through your phone’s camera, or activate the microphone to record your conversations. It can potentially pinpoint where you are, where you’ve been, and whom you’ve met.
Pegasus is the hacking software or spyware that is developed, marketed, and licensed to governments around the world by the Israeli company NSO Group. It can infect billions of phones running either iOS or Android operating systems.
It is considered the most sophisticated among all such products available in the market. The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
Pegasus was meant to be used by governments on a per-license basis. In May 2019, its developer had limited sales of Pegasus to state intelligence agencies and others.
However, NSO’s attack capabilities have become more advanced. Pegasus infections can be achieved through so-called “zero-click” attacks, which do not require any interaction from the phone’s owner to succeed. These will often exploit “zero-day” vulnerabilities, which are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.
NSO Group has, however, denied any wrongdoing. It claimed to sell Pegasus only to “vetted and legitimate government agencies”.
How does Pegasus hack a phone?
Pegasus was initially used to gain access to a phone through a malicious web link through a message or email. Once a user clicked on the link, Pegasus would be installed on the phone. But then the spyware also gained some new abilities. Researchers found that it could be even installed on the phone with just a missed WhatsApp call.
This part of Pegasus hacking into phones is one reason why this spyware is so highly rated by those who use it. The phone hacking is almost seamless and the phone user has no clue that their device has been compromised.
Moreover, once Pegasus had access to the device, it could delete any call logs, thus making it virtually impossible for the victim to know that their phone was a target by the spyware.
Once installed on a phone, Pegasus can harvest more or less any information or extract any file. SMS messages address books, call history, calendars, emails, and internet browsing histories can all be exfiltrated.
What Activities can Pegasus perform on your Phone?
According to cybersecurity researchers, following its installation, Pegasus contacts control servers that enables it to relay commands and gather information from the infected device. Stealing passwords, contacts, text messages, and accessing the phone’s camera, microphone, and GPS, and other information with voice or video calls made through Whatsapp are well within its capabilities.
Once Pegasus is on a phone, it can potentially spy on the targeted user completely and thoroughly. Even encrypted chats like the ones made through WhatsApp were accessible to Pegasus.
Why Pegasus is a hot topic in the news
In late 2019, WhatsApp, the Facebook-owned messaging service, confirmed that some 1,400 of its users in 20 countries, including Indian journalists and activists, had been targeted by Pegasus in May that year.
WhatsApp said the spyware exploited its video calling system and a specific vulnerability to send malware to the mobile devices. The vulnerability has since been patched.
NSO allegedly first created fake WhatsApp accounts, which were then used to make video calls. When an unsuspecting user’s phone rang, the attacker transmitted the malicious code and the spyware got auto-installed in the phone even if the user did not answer the call.
Now it is in the news because on Sunday evening several news websites, including the Washington Post and the Guardian, claimed that over 10 governments are using this spyware to spy on journalists, activists, and other key media personalities. In India, according to the reports, over 40 journalists were under surveillance using Pegasus.