Spyware is nothing but a Software that is malicious or in Cybersecurity
terms its a malware that is installed in the end user’s computing devices. In
today’s tech era any software is said to be spyware if it is installed without
any user’s authorization.
Spyware is one of the most common threats to internet users as to when installed it starts monitoring the internet activities, keeps track of login credentials and can spies on sensitive information. It can violate the end user’s privacy and has the potential to be abused.
Some types of spyware can install additional software and can change the
settings on your device, so it’s important to use secure passwords and keep
your devices updated.
How Spyware gets
into your Computers or Mobile devices
Spyware can affect Computers or Mobile devices, iOS or Android. Although
with the increased rate of Android devices, they are more suspectable to be
attacked. Spyware can infect your system in the same way as any other form of
Spyware usually gets into the system because you have done something,
like clicking on some pop-up, installing software or application from an unreliable
source, agreeing to add some functionalities into the application, pirated
games or music or any video, or accepting and opening email attachments from an
What is Pegasus
The name Pegasus depicts a mythical winged divine horse that has magical
power and the most recognized creature in Greek mythology. Same magical power
this spyware holds when it gets into the system.
Pegasus is a spyware that can be installed on devices running certain of
iOS and Android, developed by Israeli Cyberarms firm, NSO Group. The spyware is
transmitted into the system by WhatsApp application that everybody uses by
sending a message with some link in its content so that when a user clicks on
the link the spyware enters into the device or by just calling the target phone
regardless of the call not being answered and the log of that call gets erased.
According to The Citizen’s Lab of the University of Toronto, which worked with WhatsApp
on identifying spyware victims, these are the only ways of delivering Pegasus.
It notes several other cases such as alarming SMSs that prompt targets to click
on a link.
Details of this Spyware: Pegasus secretly enables a
jailbreak on the devices and can read text messages, track calls, collect
passwords, turn on the cameras, trace the phone location, as well as gather
information from apps including (but not limited to) iMessage, Gmail, Viber,
Facebook, WhatsApp, Telegram and Skype.
The exploit impacted WhatsApp for Android prior to v2.19.134,
WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to
v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows
Phone prior to v2.18.348, and WhatsApp for Tizen (which is used by Samsung devices)
prior to v2.18.15.
Indian Journalist, activists were spied on using the Israeli
Pegasus is in news since 2016, the file reports on Pegasus spyware
operations emerged in 2016 when a human right activist in the UAE was targeted
with an SMS link on his iOS phone. The Pegasus tool at that time exploited
software in the device and took over the mobile. Apple responded with the
security patch to fix the issue.
Of the 1,400 users affected were Indian
journalists and human rights activists have been the target of surveillance and
at least two dozen were academics, lawyers, Dalit activists in India. WhatsApp
had contacted and alerted the targets that they had been under “state-of-the-art
surveillance for a two-week period until May 2019.” In May, WhatsApp
updated the app and launched a probe into how the hack worked and affected
The latest disclosure by WhatsApp comes after the
company announced that it was suing NSO Group, an Israeli surveillance firm
that is reportedly behind the technology that helped government spies to hack
into phones of roughly 1,400 users. These users span across four continents and
included diplomats, political dissidents, journalists, and senior government
In September 2018, The Citizen Lab, an
interdisciplinary lab based at the Munk School of Global Affairs & Public
Policy, University of Toronto, showed that Pegasus delivers “a chain of zero-day
exploits* to penetrate security features on the phone and installs Pegasus
without the user’s knowledge or permission”. Pegasus spyware’s operations were
live in 45 countries at the time.
*(A “zero-day exploit”
is a completely unknown vulnerability, about which even the software
manufacturer is not aware, and there is, thus, no patch or fix available for
it. In the specific cases of Apple and WhatsApp, therefore, neither company was
aware of the security vulnerability, which was used to exploit the software and
take over the device.)
After confirmation, WhatsApp sued the NSO Group in
a federal court in San Francisco, accusing it of using WhatsApp servers in the
United States and elsewhere to send malware to approximately 1,400 mobile
phones and devices for the purpose of conducting surveillance of specific
WhatsApp users or Target Users. The surveillance
was carried out “between in and around April 2019 and May 2019” on users
in 20 countries across four continents,
WhatsApp said in its complaint.
NSO denied the
“In the strongest possible terms, we dispute today’s
allegations and will vigorously fight them,” NSO said in a statement. “The sole
purpose of NSO is to provide technology to licensed government intelligence and
law enforcement agencies to help them fight terrorism and serious crime.”
What is the NSO
It was founded by two Israelis —
Shalev Hulio and OmriLavie. Both of them are on the company’s board. Lavie
also co-founded Kaymera,
a company that creates super-secure phones for government officials. So NSO
Group and Kaymera offer complementary products. According to Forbes,
Kaymera and NSO’s offices are located next to each other.
Its other directors include citizens
of the USA, UK, Germany, and Israel. Its senior advisors include Tom Ridge, the
first American Secretary of Homeland Security, Gerard Araud, a French diplomat,
Juliette Kayyem, faculty chair of Harvard’s Homeland Security Programme, and
Daniel Reisner, the former head of Israel Defence Forces’ International Law
According to its website, NSO Group, which also goes by Q Cyber Technologies, develops technology to “help government agencies detect and prevent terrorism and crime”. As per the website, the products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror.
To be Continued…