Pegasus spyware

 Hello guys Pytools here back again with another Artical,  in this article we are going to discus about Pegasus spyware and how you can secure yourself from this kind of spywares. 

 

so first let us understand 

                                                what is spyware?

Spyware is software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user. For example, by violating their privacy or endangering their device's security.

                    In Short spyware spy on us and send our information to the attackers. 

 

                  What is Pegasus spyware?

The Pegasus Spyware, created by the Israeli cyber intelligence firm NSO Group, is also designed to hack the computers or mobile devices to gain access to the device and retrieve the data from it without the user’s consent and then deliver it to the third party who is actually spying on you. However, the parent organization of this Pegasus Spyware claims that it is intended to help government authorities to be used against terrorists and criminals by spying on them.

                        

                         How is Pegasus spyware installed?

  

Basically There Are Two Methods via which hackers can install Pegasus spyware on your system :

 

  Social Engineering & Phishing :

Social engineering attacks typically involve some form of psychological manipulation, fooling otherwise unsuspecting users or employees into handing over confidential or sensitive data. Commonly, social engineering involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file. Because social engineering involves a human element, preventing these attacks can be tricky for enterprises.

 

   Zero click Vulnerability:

           Let us tell you that this Pegasus Spyware attacks the devices so seamlessly that even the device owner might not have any idea about it. You can better understand this with a situation like even a WhatsApp missed call (yes, you heard it right….a missed call) can make the Pegasus Spyware hack your device. Other than that, based on various standard reports, it has been observed that Pegasus is using a variety of endpoints to attack the devices such as it is using iMessage to attack iPhones.  

The noticeable thing here is that it follows the zero-click method i.e, the device owner even isn’t required to click on the message, mail, link, etc. or to give any input to make the malware work. On top of that, if the user finds something suspicious and deletes the message – the spyware would still infect the device.

In short zero click means without clicking or doing anything it get directly installed on your system.

 

          How Pegasus spyware infects a device ?

once the Pegasus gets into your smartphone, now your text messages & contacts, photos, passwords, etc. can be accessed by the other party. In fact, the access is given to such an extent that even your device mic or camera can also be operated by the one who’s is spying on you very conveniently. The Pegasus Spyware can even access the end-to-end encrypted messages or files as it can now steal them before the encryption or after the decryption.

 

 let us understand by this figure: 

 

 









  

          According to our research

 

1.)  We identify that NSO Pegasus infections associated with 33 of the 36 Pegasus

operators we identified in 45 countries: Algeria, Bahrain, Bangladesh, Brazil, Canada,Cote d’Ivoire, Egypt, France, Greece, India, Iraq, Israel, Jordan, Kazakhstan, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, the Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, Singapore, South Africa,Switzerland, Tajikistan, Thailand, Togo, Tunisia, Turkey, the UAE, Uganda, the United Kingdom, the United States, Uzbekistan, Yemen, and Zambia. As our findings are based on country-level geolocation of DNS servers, factors such as VPNs and satellite Internet teleport locations can introduce inaccuracies.

 

2.) it has been said that a leaked list of 50,000 phone numbers of potential surveillance targets was obtained by Paris-based journalism nonprofit Forbidden Stories and Amnesty International.

 

leaked file:

 

https://docs.google.com/spreadsheets/d/1lUv-hoQWGZagZi-8DbX9bLiC_WUWpL-o3f7NRyZmA04/edit?usp=sharing

 

 

3.) According to a commercial breakdown, NSO charges government agencies $650,000 to spy on 10 iPhone users; $650,000 for 10 Android users; $500,000 for five BlackBerry users; or $300,000 for five Symbian users — on top of the setup fee. One can pay for more targets.

 

 

Source : https://timesofindia.indiatimes.com/business/india-business/pegasus-snooping-how-costly-is-the-israeli-spyware/articleshow/84893498.cms


That's all for today guys in 

  hope you are enjoying our content and also get understand about pegasus spyware.

 guys Please don't forget to follow us on Instagram and GitHub and do like our content on Instagram.

 https://instagram.com/__pytools__

https://GitHub.com/pytools786


 

Comments

Post a Comment

Popular posts from this blog

what is log4j vulnerability

                                On December 9th, 2021, the world was made aware of a new vulnerability identified as CVE-2021-44228, affecting the Java logging package log4j . This vulnerability earned a severity score of 10.0 (the most critical designation) and offers remote code trivial remote code execution on hosts engaging with software that utilizes this log4j version. This attack has been dubbed "Log4Shell" .   What is the Log4j Vulnerability: Log4j is an extremely popular Apache library used by millions of Java programs and applications. As a result, the actual number of internet-facing applications exposed to the Log4j vulnerability is almost impossible to quantify. Researchers have noted that the vulnerability is likely to impact products and services provided by tech giants such as Apple, Amazon, Steam, Tesla, and Twitter.  The Log4j exploit allows threat act...
Read more

Secure your system from Pegasus spyware

  in last article we have discuss about pegasus spyware now let us understand how you can protect your system from this kind of spywares. There are several means of securing your device from Pegasus, starting from developing good technology practices. Always update your operating system to the latest version. Apple and Google regularly release updates which include security patches for vulnerabilities and malware. Both Apple and Google have released fixes for Pegasus. Apple released a patched version of iOS (starting from iOS 9.3.5) and Google has put in place specific controls to mitigate Pegasus on most Android OS’s (starting April 2017). Pegasus spyware (as well as all sorts of other malware) infiltrates phones by way of the phone user clicking a link in a text message, email, Twitter post, or any other means. When receiving any message with a link, make sure you are familiar with the person sending the link and actually verify that the message along with the link is c...
Read more