Updated: Jul 23
A global collaborative investigative project has discovered that Israeli spyware Pegasus was used to target thousands of people worldwide. In India, at least 300 people are believed to have been targeted.
What is Pegasus?
Spyware is any malicious software designed to enter your computer device, gather your data, and forward it to a third party without your consent.
Pegasus, developed by NSO Group, is perhaps the most powerful spyware ever created. It is designed to infiltrate smartphones — Android and iOS — and turn them into surveillance devices.
The Israeli company markets it as a tool to track criminals and terrorists — for targeted spying and not mass surveillance.
NSO Group sells the software only to vetted foreign governments.
A single license, which can be used to infect several smartphones, can cost up to Rs 70 lakh. According to a 2016 price list, NSO Group charged its customers $650,000 to infiltrate 10 devices, plus an installation fee of $500,000.
Pegasus spyware was first discovered in an iOS version in 2016 and then a slightly different version was found on Android.
How does Pegasus Work?
Pegasus can infect devices that are connected to the internet.
Pegasus exploits undiscovered vulnerabilities, or bugs, in Android and iOS. This means a phone could be infected even if it has the latest security patch installed.
Most spyware and stalkerware apps disguise themselves as Anti-theft apps, due to which they remain undetected by antivirus & send out stolen data to central servers without the knowledge of users.
How does it infect a device?
For spyware apps, the easiest method is to disguise the spying code inside the unauthorised versions of premium versions.
Stalkerware apps seek explicit permissions at the time of their installation.
Pegasus could infiltrate a device with a missed call on WhatsApp and could even delete the record of this missed call, making it impossible for the user to know they had been targeted.
Pegasus also exploits bugs in iMessage, giving it backdoor access to millions of iPhones.
The spyware can also be installed over a wireless transceiver (radio transmitter and receiver) located near a target.
What spyware can do?
Once installed on a phone, Pegasus can intercept and steal more or less any information on it, including SMSs, contacts, call history, calendars, emails, and browsing histories.
It can use your phone’s microphone to record calls and other conversations, secretly film you with its camera, or track you with GPS.
Why Pegasus is unique?
Zero Click Technology
Impossible to detect
Self Destruction Ability
Complete command over phone
Infects all operating system
Evolution of Pegasus Spyware
2016: Researchers at Canadian cybersecurity organisation The Citizen Lab first encountered Pegasus on a smartphone of human rights activist Ahmed Mansoor.
September 2018: The Citizen Lab published a report that identified 45 countries in which Pegasus was being used. As with the latest revelations, the list included India.
October 2019: WhatsApp revealed that journalists and human rights activists in India had been targets of surveillance by operators using Pegasus.
July 2021: The Pegasus Project, an international investigative journalism effort, revealed that various governments used the software to spy on government officials, opposition politicians, journalists, activists, and many others. It said the Indian government used it to spy on around 300 people between 2017 and 2019.
Targets of Pegasus
Media outlets said they had identified more than 1,000 people in over 50 countries whose numbers were on the list.
They include business executives, activists, politicians and heads of state, and many royal family members of Arab.
More than 180 journalists were also found to be on the list, from organisations including the New York Times, CNN, and Al Jazeera.
According to the reports, many of the numbers were clustered in 10 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, and the United Arab Emirates.
Human Rights activists, journalists, and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm.
Indian ministers, government officials, and opposition leaders also figure in the list of people whose phones may have been compromised by the spyware.
In 2019, WhatsApp filed a lawsuit in the US court against Israel's NSO Group, alleging that the firm was incorporating cyber-attacks on the application by infecting mobile devices with malicious software.
Steps were taken in India
Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
National Cybersecurity Coordination Centre (NCCC): In 2017, the NCCC was developed to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.
Indian Cyber Crime Coordination Centre (I4C): I4C was recently inaugurated by the government.
National Cyber Crime Reporting Portal has also been launched pan India.
Computer Emergency Response Team - India (CERT-IN): It is the nodal agency which deals with cybersecurity threats like hacking and phishing.
International Telecommunication Union (ITU): It is a specialized agency within the United Nations which plays a leading role in the standardization and development of telecommunications and cybersecurity issues.
Budapest Convention on Cybercrime: It is an international treaty that seeks to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It came into force on 1st July 2004.
How can one detect Pegasus Virus?
Researchers at Amnesty International have developed a tool to see whether your phone is targeted by spyware. The tool is called Mobile Verification Toolkit (MVT), the tool is aimed to help you identify if the Pegasus spyware has targeted your phone. It works with both Android and iOS devices.
What precautions can one take?
The best one can do is to stay up to date with every operating system update and security patch released by device manufacturers, and hope that zero-day attacks become rarer. And if one has the budget, changing handsets periodically is perhaps the most effective, if expensive, remedy.
NSO's stand on this issue
The NSO has said that it sells its technologies only to law enforcement and intelligence agencies of governments for the purpose of saving lives through preventing crime and terror acts.
The group said, It does not operate the system and has no visibility to the data.
As per the company’s website, NSO products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror.