What is Pegasus?
Pegasus is a software (spyware/program) produced by the Israeli surveillance firm, NSO Group Technologies, a technology cybersecurity firm. Pegasus sends a malware link to the target user and once the user clicks on it, the code that allows the surveillance is installed on the person’s phone.
According to Citizen’s Lab, once Pegasus is installed and the phone is exploited, the attacker has complete access to the target user’s phone.
It then begins contacting the operator’s command and control (C&C) servers to receive and execute operators’ commands and send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps. The operator can even turn on the phone’s camera and microphone to capture activity in the phone’s vicinity.
The use of Pegasus’s software to spy, first emerged in 2016, when Ahmed Mansoor, a human rights activist in the UAE, was targeted with an SMS link on his iPhone 6.
The following excerpt from the Pegasus PDF briefly explains what the tool is capable of doing:
Organisations that deploy Pegasus are able to overcome the challenges mentioned above to achieve unmatched mobile intelligence collection:
- Unlimited access to target's mobile devices: Remotely and covertly collect information about your target's relationships, location, phone calls, plans, and activities whenever and wherever they are
- Intercept calls: Transparently monitor voice and VoIP calls in real-time
- Bridge intelligence gaps: Collect unique and new types of information (e.g., contacts, files, environmental wiretap, passwords, etc.) to deliver the most accurate and complete intelligence
- Handle encrypted content and devices: Overcome encryption, SSL, proprietary protocols and any hurdle introduced by the complex communications world
- Application monitoring: Monitor a multitude of applications including Skype, WhatsApp, Viber, Facebook and Blackberry Messenger (BBM)
- Pinpoint targets: Track targets and get accurate positioning information using GPS
- Service provider independence: No cooperation with local Mobile Network Operators(MNO) is needed
- Discover virtual identities: Constantly monitor the device without worrying about frequent switching of virtual identities and replacement of SIM cards
- Avoid unnecessary risks: Eliminate the need for physical proximity to the target or device at any phase
Comments
Post a Comment