How to Detect Pegasus Spyware and Citizen Surveillance

What You Should Know About Pegasus Spyware and Citizen Surveillance

It's a hefty case of digital espionage technology. Security researchers discovered evidence of attempted or successful installations of Pegasus, software developed by the Israeli cybersecurity firm NSO Group, on 37 phones belonging to activists, rights activists, journalists, and businesspeople. They appear to have been the targets of secret surveillance by software designed to assist governments in tracking down criminals and terrorists, and as the months pass, more and more Pegasus.

According to Citizen Lab, a Canadian security organization based at the University of Toronto, Pegasus infected the phones of at least 51 people in Spain's Catalonia region. The New Yorker's Shalev Hulio reported that Spain has legal procedures in place to ensure such use is legal, but Citizen Lab reported that Pegasus attacks targeted "members of the European Parliament, Catalan presidents, legislators, jurists, and some family members." Catalonia is seeking political independence from Spain, but Spanish authorities have repressed the independence movement.

Despite the fact that the CIA and FBI were Pegasus customers, as reported by The New York Times in January, the US government is one of the most powerful forces unleashed against Pegasus. According to The Guardian, the US Justice Department launched a criminal investigation after a whistleblower claimed NSO Group offered "bags of cash" for sensitive mobile phone data from a US tech firm, Mobileum. According to Reuters and The New York Times, the spyware was discovered on the phones of at least nine State Department officials who were either based in Uganda or involved in matters pertaining to the African country.

Pegasus is the most recent example of how vulnerable we are to digital eavesdropping. Our phones store the most personal information about us, such as photos, text messages, and emails. Spyware can see directly into our lives, bypassing the encryption that protects data sent over the internet.

Pegasus has been a politically explosive issue, putting Israel under pressure from activists and governments concerned about the software's misuse. The US federal government took much stronger action in November, prohibiting the sale of US technology to NSO by placing the company on the government's Entity List. NSO has suspended Pegasus privileges for some countries, but has sought to defend its software and the controls it attempts to impose on its use. The NSO Group did not respond to a request for comment, and the Justice Department did not respond.

Here is everything you need to know about Pegasus.

What exactly is the NSO Group?

It is an Israeli firm that sells surveillance software to government agencies. Because encryption technology has enabled criminals and terrorists to go "dark," the company claims its Pegasus software provides a valuable service. The software runs in the background on smartphones, revealing what their owners are doing. Similar software is available from other companies.

In 2010, Hulio co-founded the company. NSO also provides tools for locating where a phone is being used, defending against drones, and mining law enforcement data for patterns.

Previous reports and lawsuits have implicated NSO in other hacks, including a reported hack of Amazon founder Jeff Bezos in 2018. In 2018, a Saudi dissident sued the company for allegedly hacking a device belonging to journalist Jamal Khashoggi, who was killed inside the Saudi embassy in Turkey that year.

The New Yorker article goes into detail about NSO Group's inner workings, such as its claim that Pegasus is similar to military equipment that countries routinely sell to other countries, the company's close ties to the Israeli government, and its recent financial difficulties. It was also revealed that NSO employees posted a detailed Google analysis of one Pegasus attack mechanism on the wall, concluding that NSO's capabilities "rival those previously thought to be accessible to only a handful of nation states."

What exactly is Pegasus?

NSO's most well-known product is Pegasus. According to The Washington Post, it can be installed remotely without requiring the surveillance target to open a document or click on a website link. Pegasus can record phone calls and reveal everything to the NSO customers who control it, including text messages, photos, emails, videos, and contact lists. According to The Washington Post, it can also secretly activate a phone's microphone and cameras to create new recordings.

General security practices such as software updates and two-factor authentication can help keep mainstream hackers at bay, but protection becomes extremely difficult when expert, well-funded attackers focus their resources on an individual. Pegasus installations have also used "zero click" attacks to silently install software by exploiting vulnerabilities in software such as Apple Messages or Meta's WhatsApp.

Pegasus isn't supposed to be used to track down activists, journalists, or politicians. According to the company's website, "NSO Group licenses its products only to government intelligence and law enforcement agencies for the sole purpose of preventing and investigating terror and serious crime." "Our vetting process goes above and beyond legal and regulatory requirements to ensure that our technology is used lawfully as intended."

Amnesty International, on the other hand, details how it linked compromised smartphones to NSO Group. Citizen Lab stated that it independently validated Amnesty International's findings after examining phone backup data, and that it has expanded its Pegasus investigations since 2021.

However, in September, Apple patched a security flaw that Pegasus used to install on iPhones. Malware frequently employs a collection of such flaws to gain a foothold on a device and then expand privileges to become more powerful. NSO Group's software is also compatible with Android phones.

Why is Pegasus making headlines?

Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a human rights organization, shared a list of over 50,000 phone numbers for people thought to be of interest to NSO customers with 17 news organizations.

Many of the people on the list's identities and phone infections were confirmed by news outlets. According to The Washington Post, 37 of the 67 phones on the list showed signs of Pegasus installation or attempted installation. 34 of the 37 phones were Apple iPhones.

According to an international investigation released in mid-July by The Washington Post and other media outlets, the list of 50,000 phone numbers included 10 prime ministers, three presidents, and a king, though there is no proof that being on the list means an NSO attack was attempted or successful.

The incident hasn't helped Apple's reputation in terms of device security. Federighi stated, "We take any attack on our users very seriously." The company has stated that it will donate $10 million and any damages resulting from the lawsuit to organizations that advocate for privacy and conduct research on online surveillance. That's chump change for Apple, which reported a $20.5 billion profit in the most recent quarter, but it can be significant for much smaller organizations like Citizen Lab.

Pegasus infected whose phones?

Pegasus discovered 63 phones were attacked and at least 51 were infected in the Catalan situation. According to the New Yorker, this included the phone of Jordi Solé, a pro-independence member of the European Parliament, digital security researcher Elies Campo, and Campo's parents.

The Guardian reported that, in addition to Mangin, two journalists from the Hungarian investigative outlet Direkt36 had infected phones.

The Washington Post reported that a Pegasus attack was launched on the phone of Hanan Elatr, the wife of murdered Saudi journalist Jamal Khashoggi, though it was unclear whether the attack was successful. However, the spyware did reach Khashoggi's fiancee, Hatice Cengiz, shortly after his death.

According to The Washington Post, seven people in India were found with infected phones, including five journalists and one adviser to an opposition party critical of Prime Minister Narendra Modi.

In November, Citizen Lab reported that six people working for Palestinian human rights organizations had Pegasus-infected phones.

What are the ramifications of the Pegasus situation?

The United States barred NSO Group from purchasing US products, a significant step given that the company requires computer processors, phones, and developer tools, all of which are frequently manufactured in the United States. NSO "provided spyware to foreign governments," which used it to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy employees.

"These tools have also enabled foreign governments to carry out transnational repression," according to the Commerce Department.

Apple sued NSO Group in November, requesting that the company's software be barred from being used on Apple devices, that NSO locate and delete any private data collected by its app, and that the profits from the operations be disclosed. "Private companies developing state-sponsored spyware have become even more dangerous," said Craig Federighi, Apple's software chief. Meta's WhatsApp had previously sued NSO Group in 2019.

According to Politico, French President Emmanuel Macron changed one of his mobile phone numbers and requested new security checks after his number appeared on a list of 50,000 numbers. To address the issue, he called a national security meeting. According to The Guardian, Macron also raised Pegasus concerns with Israeli Prime Minister Naftali Bennett, urging the country to investigate NSO and Pegasus. Pegasus' export licenses must be approved by the Israeli government.

Israel established a review commission to investigate the Pegasus situation. On July 28, Israeli defense authorities personally inspected NSO offices.

If the allegations are true, Pegasus use is "completely unacceptable," according to European Commission President Ursula von der Leyen. "Media freedom, free press, is one of the core values of the EU," she added.

In India, the Nationalist Congress Party demanded an investigation into Pegasus use.

In an interview with The Guardian, Edward Snowden, who leaked information about US National Security Agency surveillance practices in 2013, called for a ban on spyware sales. He contended that such tools would soon be used to spy on millions of people. "When it comes to devices like the iPhone, they all run the same software all over the world. So if they figure out how to hack one iPhone, they've figured out how to hack all of them," according to Snowden.

What does NSO think about this?

NSO recognizes that its software can be abused. According to The Washington Post, it has cut off two customers in the last year due to concerns about human rights violations. In a June transparency report, NSO stated, "To date, NSO has rejected over US $300 million in sales opportunities as a result of its human rights review processes."

However, NSO strongly opposes any link to the phone number list. According to the company, "there is no link between the 50,000 numbers and NSO Group or Pegasus."

"Every allegation of system abuse concerns me," Hulio told the Post. "It betrays the trust we place in our customers. Every allegation is being investigated."

NSO denied the allegations in a statement. It claimed that Pegasus made "false claims" that were "based on a misleading interpretation of leaked data."

"Pegasus cannot be used in the United States to conduct cybersurveillance," the organization added.

NSO Group did not immediately respond to a request for comment on the alleged infection of State Department phones. However, it told Reuters that it has canceled relevant accounts, is investigating, and will take legal action if misuse is discovered.

NSO will attempt to overturn the US government's sanction. "We look forward to presenting the full picture of how we have the world's most rigorous compliance and human rights programs based on the American values we deeply share, which have already resulted in multiple terminations of contacts with government agencies that misused our products," an NSO spokesperson said.

According to The Washington Post, NSO previously barred Saudi Arabia, Dubai in the United Arab Emirates, and some Mexican government agencies from using the software.

How do I know if my phone is infected?

Amnesty International released an open-source utility called MVT (Mobile Verification Toolkit) to detect Pegasus traces. The software analyzes data, including backup files exported from an iPhone or Android phone, on a personal computer.
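
MVT saves its findings to an output folder on the computer, and the sketch below triages such a folder. It is an added example, not part of MVT or of the original article. It assumes MVT's convention of storing indicator matches in files ending in `_detected.json`, with a `matched_indicator` entry per record; the sample folder and indicator value are constructed.

```python
import json
import tempfile
from pathlib import Path

SUFFIX = "_detected.json"  # assumed MVT naming for files holding indicator matches


def summarize_detections(results_dir):
    """Map module name -> matched indicator values found in an MVT output folder."""
    findings = {}
    for path in sorted(Path(results_dir).glob("*" + SUFFIX)):
        module = path.name[: -len(SUFFIX)]
        try:
            records = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            # A damaged results file is itself worth a manual look.
            findings[module] = ["<unreadable results file>"]
            continue
        if not isinstance(records, list):
            records = [records]
        hits = []
        for rec in records:
            # Assumed record layout: {"matched_indicator": {"value": ...}, ...}
            ind = rec.get("matched_indicator") if isinstance(rec, dict) else None
            hits.append(ind.get("value", "<no value>") if isinstance(ind, dict)
                        else "<unlabelled match>")
        if hits:
            findings[module] = hits
    return findings


def build_sample_results(root):
    """Write a constructed results folder (not real MVT output) for the demo."""
    root = Path(root)
    match = {"text": "constructed sample message",
             "matched_indicator": {"type": "domains", "value": "indicator.example.invalid"}}
    (root / "sms.json").write_text(json.dumps([match, {"text": "benign"}]))
    (root / "sms_detected.json").write_text(json.dumps([match]))
    (root / "safari_history_detected.json").write_text("[]")  # module ran, no matches
    (root / "calls_detected.json").write_text("{truncated")   # damaged file
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = summarize_detections(build_sample_results(tmp))
        for module, values in report.items():
            print(f"{module}: {len(values)} match(es): {', '.join(values)}")
```

An empty report means no indicator files with matches were found in that folder, which is not proof that a phone is clean.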
