Pegasus, a malicious software, has been developed in 2010 by the Israel firm, the NSO(Niv Carmi, Omri Lavie, and Shalev Hulio-company’s founders) group. It was initially discovered for iOS devices later it extended to the Android devices.
Birth of Pegasus:
2016 – Hackers send malicious link to the targeted persons(smartphones,laptops) via text messages and email. This process was given a name called “spear fishing”.
2019 – Pegasus got updated where a single missed call on WhatsApp can infiltrate a device and even delete the record of this missed call which makes it difficult for the user to know what had happened to their device.
Also in the same year, WhatsApp Pegasus exploited a bug in its code to infect more than 1,400 iPhones and Android phones. These include journalists, government officials and human rights activists. But soon WhatsApp done away with the bug.
2021 – The Pegasus Project,an international investigative journalism effort, proved that various governments used the software to spy on opposition politicians, government officials, activists, journalists and many other.
Working of Pegasus:
=> Once the Pegasus got installed in a device, the entire control of device is in hacker’s hands. It gives access to hacker to gather data and forwards to the third party without the consent of the user.
=> It can read messages, emails, take screenshots, access contacts and know browser history.
=> Through hijacking, hacker gets access to microphone and camera turning it into a real-time surveillance device through capturing all activities in the phone’s vicinity.
=> Pegasus sends back the private data of the user to the hacker including contact list, calendar events, passwords, text messages and live voice calls from popular messaging apps thus accentuating the chances of user being blackmailed.
=> It is a software that can compromise a phone without the user having to click on a single link called “Zero-link-attack“.
=> Business executives, activists politicians, heads of state, many Royal Family members of Arab, journalists were found to be on the targeted list.
How to detect:
Mobile Verification Tool: A tool to check whether your phone has been targeted to attack or not and works with both iOS devices and Android. It has been developed by researchers at Amnesty International.
Measures taken to mitigate cyber crimes:
International Telecommunication Union: It is a specialized agency within the United Nations which plays an significant role in development and standardization of telecommunication and cyber security issues.
Budapest convention: An international convention which seeks to address Internet and computer crime by improving investigative techniques and increasing cooperation among nations. India is not a signatory to this convention.
The government need to take certain measures to restrict the usage only for authorized agencies and purposes. Unrestricted usage will become power to hackers and a pain to the society. To reap the benefits of this software, proper implementation is necessary.