In simple words, Pegasus is spyware developed by the Israeli company NSO (NSO stands for Niv, Shalev and Omri) to target devices running the iOS and Android operating systems. Spyware can infect a device, covertly snoop through the data stored on it, and send that data back to its operator (the hacker) over the internet.
However, the Pegasus spyware works on a whole other level, making it far more capable and much more dangerous than typical spyware. Pegasus has a feature called Zero-Click that enables it to perform Zero-Click attacks at the whim of a hacker.
What is the Zero-Click Attack?
Zero-Click is one of the latest approaches by which spyware can infiltrate a target device without any kind of interaction from the device’s owner. A Zero-Click attack exploits vulnerabilities already present in the operating system of the target device, which have usually been missed or not yet identified by the operating system’s developers. These security lapses, which the spyware automatically uses to infiltrate the target device in a Zero-Click attack, are known as Zero-Days.
Traditional spyware, however, needs some kind of interaction from the target device’s owner before it can infiltrate the device. The user has to click on a malicious programme or application created by the attacker, which is normally disguised as a genuine one. Only the user can give it permission to infiltrate his or her own system by clicking on it. It can be sent in various ways: as a genuine-looking software or programme setup, as a genuine-looking email, or as a link to a webpage disguised as a genuine one. Once it is clicked, the user unknowingly grants access to the malicious programme or spyware, which launches and runs in the background. The attacker is then able to secretly snoop around the infected system and retrieve any valuable data present on the device.
(Note: In most cases, careful observation reveals minor discrepancies between a malicious programme and the genuine one it mimics. For example, the name or URL of a fake website or app may be spelt slightly differently from the real one. Hence, traditional spyware can be spotted, or even automatically blocked by an antivirus at the time of installation.)
This is the key difference between the Pegasus spyware, with its Zero-Click feature, and traditional spyware.
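The note above says a fake website or app name is often spelt slightly differently from the real one. As an added example (not part of the original article), this Python code flags such lookalike domains; the trusted list, the character substitutions and the distance threshold are constructed assumptions, and input is assumed to be the name as displayed to the user.

```python
import unicodedata

# Assumption: a small allowlist of domains the user actually trusts (constructed).
TRUSTED = ["whatsapp.com", "apple.com", "google.com"]

# Common visual substitutions seen in lookalike names (constructed, not exhaustive).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "$": "s"})


def skeleton(domain):
    """Lower-case, strip accents, and fold look-alike characters together."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    return text.translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_domain(domain, trusted=TRUSTED, max_distance=2):
    """Return (verdict, matched_trusted_domain); verdict is
    'trusted', 'lookalike' or 'unknown'."""
    domain = domain.lower().rstrip(".")
    if domain in trusted:
        return ("trusted", domain)
    folded = skeleton(domain)
    for good in trusted:
        # Near-identical to a trusted name, but not the name itself.
        if edit_distance(folded, skeleton(good)) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for name in ["whatsapp.com", "whatsap.com", "g00gle.com", "example.org"]:
        print(name, check_domain(name))
```

A check like this only helps against the click-based delivery described above; it does nothing against a Zero-Click attack, where no link is ever shown to the user.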
How does Pegasus Infiltrate a Device?
The Pegasus spyware uses the Over-The-Air (OTA) feature to infiltrate the targeted device (iOS and Android devices). The attacker or hacker simply sends a push message to the target device via a cellular network or the internet. The spyware automatically finds lapses (Zero-Days) in the device’s operating system and exploits them to infiltrate the device without any interaction from the device’s owner, as mentioned earlier (Zero-Click). Because there is no owner interaction, there is no way for the owner to identify the spyware, which even an antivirus can’t detect.
Pegasus can infiltrate a device not only through the traditional means that other spyware uses, but also through a third-party app such as the famous messaging platform WhatsApp. The spyware can enter through a harmless-looking WhatsApp missed call and can later delete the record of that missed call, making it impossible for the user to realise that they were targeted.
This makes the Pegasus spyware far more capable and dangerous than traditional spyware.
Who has been Targeted so far?
So far, according to reports by various media outlets, several high-profile names have been targeted around the world.
In India, more than 40 journalists, three opposition leaders and two ministers are said to have been potential targets. The list even includes the names of Congress MP Rahul Gandhi and poll strategist Prashant Kishor.
Another report said that 14 world leaders were also potential targets. The names are as follows: Pakistani PM Imran Khan, French President Emmanuel Macron, Iraqi President Barham Salih, South African President Cyril Ramaphosa, Egyptian PM Mostafa Madbouly, Morocco’s King Mohammed VI, Moroccan PM Saad-Eddine El Othmani and former Belgian PM Charles Michel.
What can you do to stay safe?
The only thing you can do is keep your iOS and Android devices updated. Make sure the security patches are updated to the latest version. iPhone (iOS) users can change their default browser to a third-party browser because, according to the Pegasus brochure, “installation from browsers other than the device default is not supported by the system”.