Pegasus is a spyware it infiltrates your phone or any other device using a vector.
The vector is what carries the spyware inside the device so it could be whatsapp it could be via messaging it could be via mail a global collaborative investigative project has revealed that israeli company NSO groups.
Pegasus spyware targeted over 50,000 mobile phone numbers according to BBC News including PM Imran.
Pegasus is a software developed by an Israeli security company called NSO.
NSO has done many things but it’s pegasus that has sort of been in the limelight for the past few years.
It installs itself onto the device and then starts beaming out your data or what you are doing your activity your internet behavior all of that to the attacker pegasus has been used to target a lot of important people across the world.
Now NSO does not sell pegasus or any of its product to anybody out there it sends it only to sovereign players or a government or a government’s institutions which also makes it more interesting so it is a spyware with the spine coats which means it’s a traditional spyware.
Interestingly what’s happening is that there’s a lot of internal spying also happening In India the governments are using it to keep a tab on its own citizens.
Earlier and pegasus has been there for quite some time we started noticing it around 2021 – 202 or 2021.
It was pure fishing techniques which means you get a link a lot of you have seen suspicious links on your email or in your message on whatsapp even instant messaging like on a Facebook Messenger you would see a message which does not look right and a lot of people won’t click on it but a lot of people do click on it and that is how it gets installed.
Pegasus is that it’s come to light that pegasus does not need to do that anymore it uses something called a zero click vulnerability which means it can install itself onto a device without the user actually initiating an action or just making a mistake so that is not needed which means let’s say technically you get an email which has this this malware or the spyware in it and you have a client.
On your phone like your apple apple mail or any other mail client which downloads emails even before it scans it like as if the email has already been downloaded before it checks whether there’s a problem with this in those things it already gets installed even before you can act on it and in this case it’s even more worrying because the user does not know he’s been attacked.
There is no way to prevent it because you are not really doing anything to do it so it gets very very tricky right interestingly honestly forensic team which is looking at this pegasus data dump and like who’s been attacked and all they are saying that it actually gives you more control or the attacker gets more control on the phone than the user itself. Because on an iphone it goes into the into the root files which means it can change anything so it actually reads it can see everything that you are doing on the phone without an exception and it can also then transmit this data to your attacker so your attacker gets files data logs your contacts your emails all of that can be read by your attackers.
It’s very difficult for the user to know he or she has been targeted and will see maybe that your phone is slowing up at times and not but you wouldn’t you might not realize it’s happening because of a spy spyware because most of the phones as they get older do tend to become slower and they do hang at times so you don’t think that it’s something malicious happening.
Preventing this attack especially if it’s a zero click attack is very difficult in the earlier case which was in a spear phishing kind of a thing it’s very more traditional and over time at least people who have the kind of data that they need to protect have become very cautious about clicking certain links or installing apps that they don’t trust.
The present situation where you really don’t have to do anything on your own the most you can do is to ensure that you are using the latest version of the operating system and of all the apps on your phone so if in case this is a vulnerability that has already been identified by an apple or a google then you have you might have a patch to prevent it.
Some phones which had the latest version of the operating system even they have been breached now so which means you really can’t prevent it but one prevention or one caution you have to do to take is to update your operating system whenever a new update comes in and this applies for apps also just keep them on an auto update kind of a mode the other thing to do is you should not sideload any apps which are not supposed to be there on your phone or is not being delivered via your operating system so a lot of people especially android tend to side load apps that can be very risky.