Pegasus Spyware: The World’s Scariest Cyberweapon You’ve Never Heard Of
Cybersecurity is about one of the hottest topics for any business and a good reason. Malicious software like Pegasus Spyware makes business leaders reconsider what it means to keep their computer networks secure and safe. In the blog, I go over Pegasus Software, how it works, and why it’s truly the most dangerous cyberweapon ever.
What is Pegasus Spyware?
Pegasus Spyware, developed by a company based out of Israel known as the NSO Group, is explicitly made for hacking into computers or mobile phones. This cyber intelligence software was designed for one purpose only, to access a person’s device without their knowledge or consent.
This malicious software retrieves sensitive data or even spies on the person without the victim being wiser. The NSO Group refutes these claims and states that Pegasus Spyware is for helping governments combat terrorist groups and the complex world of organized crime.
Stealthy Attacks Leaked
Around four or five years ago, a human rights activist from the UAE received a phishing scam’s text message. This individual sent these messages to the national security agency. It found that the malware had taken over his phone when he opened the message, called Pegasus Spyware. Shortly after that, a very public leak of a top-secret database containing over 50,000 phone numbers of different government officials worldwide that Pegasus Spyware was monitoring.
How Pegasus Spyware Works
Pegasus Spyware works fairly standardly using phishing scams through text messages or emails. Below is a typical scenario typical scenario of how Pegasus Spyware could enter a device and secretly retrieve sensitive information.
Step 1: The Target
In the beginning, the targeted person will receive a link to their device that encourages or compels them to open the message which activates the spyware. Sometimes this software is activated through a process called “zero-click” hacks, meaning it can show up on the device without the victim knowing or having to open a message and click a link.
Step 2: Infect the Device
The second part is when the spyware begins to capture sensitive information and then copy the phone’s essential functions. Leaked NSO marketing materials give detailed instructions on how the camera and microphone can be manipulated and track all incoming and outgoing messages.
Step 3: Monitor Target
Finally, this embedded spyware will continue to gather all deemed sensitive information and use it to make sense of the victim’s life, using it to map out personal details. This spyware sticks around and watches its victim and takes any information it finds useful, like a parasite living off its unaware host.
Pegasus Spyware ‘Fun’ Facts
Pegasus Spyware attacks are so seamless and stealthy that those targeted typically don’t even know they’ve fallen, victim. A common tactic by Pegasus is to send maybe a missed call through WhatsApp, and from there, your device is then a victim. Some other attack points are iMessage on iPhones; it turns out no one is safe.
Beyond that, these “zero-click” hacks are insanely covert; device users don’t get a link, message, or anything to interact with; their devices just become consumed with this malware. On top of that, even if users do get a message and then delete it, the spyware can still enter the device and take over all functions. Even end-to-end encrypted messages aren’t safe, many of which are also at risk.
Pegasus Spyware ‘Fun’ Facts
Some fun facts about Pegasus Spyware and its creator company NSO Group are that Amazon used its expertise to develop AWS’s cloud computing network. Recently, Amazon has deactivated all software developed by the NSO Group due to recent investigations around the company.
As it turns out, this type of spyware doesn’t come cheap at all, with the average price to monitor ten iPhones coming in at $650,000, with additional charges for extra services. Pegasus Spyware has been a valuable tool for some governments who want to keep tabs on people they see as enemies of the state.
Apple released a statement on the Pegasus Spyware issue stating, “Attacks like the ones
described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”
If you’re an average person going about their business, you’re likely safe and shouldn’t worry. Even though these kinds of spyware tools are supposedly short-lived, it’s something that we all should be aware of and understand how it can be used by those looking to stay in power.
Hungry for more? Check back Thursday for my next blog, which will look at the pros and cons of blockchain technology.
Every week, I’ll have several new blogs on my website where I dive into the world of blockchain tech and topics on cybersecurity — simplifying the world of tech.