What is the Pegasus spyware scandal and how is Singapore affected?

Aqil Haziq Mahmud

24 Sep 2021 06:20AM
(Updated: 24 Sep 2021 06:21AM)



......

The company, NSO Group, produces Pegasus, a type of malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.

The data leak contained more than 50,000 phone numbers suspected to be infected with Pegasus.

......

Notable individuals in this list include French President Emmanuel Macron, Financial Times editor Roula Khalaf and people close to slain Saudi dissident Jamal Khashoggi.

......

NSO ...... insisted that Pegasus is only intended for use against criminals and terrorists, and that it only sells to military, law enforcement and intelligence agencies in 40 unnamed countries.

......

HOW DOES PEGASUS INFECT A PHONE?

While earlier versions of the software used targeted spear-phishing attacks to gain access to a phone, it has since been made far more efficient, and is able to infect a device even if nothing is clicked on.

......

For instance, Pegasus first creates a fake WhatsApp account, then uses it to make video calls. When an unsuspecting user's phone rings, malicious code is transmitted that installs the spyware on the phone. The software is installed even if the call is not answered.

......

When Pegasus is installed on a phone, it could gain administrative privileges on a device, allowing it to do even more things than the device owner.

......

CAN PEGASUS BE IDENTIFIED AND REMOVED?

When Pegasus infects a phone, it hides itself but leaves some traces that can be spotted using specialised software, like the mobile verification toolkit published open source and free by Amnesty, Mr Kamluk said.

But to thoroughly check an iPhone, for instance, users would probably void their warranty as specialists would need to "jailbreak" the phone to check every single thing stored inside, Mr Kamluk continued.

"Of course, NSO Group will improve," he said. "So, everything that is detected right now – all these signs and traces that were picked up by Amnesty International and Citizen Lab – will be changed so that this tool will be blind to future versions of diagnosis (software)."

And because Pegasus burrows deep into parts of a device that require the highest privileges to access, Mr Kamluk said removing it will not be as easy as uninstalling an app or stopping a service.

"If the phone is infected, that likely means that it will remain there for a long time. Depending on the exploits they have and the post-exploitation stages, it may actually get deeper and even survive the reboot or total reset of the (phone)," he added.

"Once the phone is breached, I would not recommend to use it to anyone who cares about privacy or security."




Better to read the full report at: https://www.channelnewsasia.com/singapor...so-2185236