Michael Paulyn

Pegasus Spyware: How it Can Hack Your Phone, And You Won't Even Know it

Updated: Aug 11, 2022

Cybersecurity is one of the hottest topics for any business, and for good reason. Malicious software like Pegasus spyware makes business leaders reconsider what it means to keep their computer networks secure and safe. In this blog, I go over Pegasus spyware, how it works, and why it's truly the most dangerous cyberweapon ever.



Snapshot On How It Works

The Israeli firm known as the NSO Group continues to up its capabilities and technical approaches to breach the devices of high-powered individuals. Using a zero-click attack approach, Pegasus spyware has attained the status of deadliest spyware available on the market. Users can be victims and not even know it.


The strategy relies on "zero-day" vulnerabilities, where Pegasus spyware enters the device and seamlessly locates any bugs or weak points within the operating system. The spyware effortlessly exploits these flaws and pulls all sensitive information.


Reports of Recent Attacks

In 2019, WhatsApp found that NSO had tampered with the communication app and had been using it to send malware to over 1,400 phones using this zero-day vulnerability strategy. NSO did this by placing a call through WhatsApp to the target device. Pegasus spyware was installed on the phone, even if the call wasn't answered.



Reports have found that NSO has started looking for weak points on Apple's iMessage software, checking for the potential to access devices through a backdoor approach on iPhones. Apple has taken the necessary steps to add constant updates to its devices to avoid device breaches.


Ongoing Research

But there is hope: Claudio Guarnieri, who heads Amnesty International's Berlin-based Security Lab, has done ongoing technical research and found breadcrumbs indicating how Pegasus shows up on a device and what it leaves behind. Guarnieri states that as it becomes more complex for targets to find out whether they've been a victim of spyware, so does the technical research side.



NSO stopped sending out suspicious SMS messages to devices and opted for a stealth approach using its now-favored subtle zero-click attack strategy, allowing it to attack more devices faster. Many firms, like NSO and its competitors, prefer these backdoor approaches, for which apps like WhatsApp or iMessage are perfect targets; many of these attacks are as recent as July 2021.


These technical studies have found that Pegasus' attacks have gone beyond just zeroing in on the WhatsApp and iMessage applications and are now targeting other mundane, common apps. Guarnieri notes that he and his team found "peculiar network traffic" changes involving Apple's Photos and Music apps during times of infection on devices.


We Aren't in The Clear Yet.

NSO has backup strategies to summon quickly when spear-phishing or zero-click attacks fail. Pegasus can get on to any device through a wireless transceiver located close to the device. This breach is done manually by installing an "agent that can steal the target's phone."



After that, Pegasus can go to work, pulling any sensitive information and removing it from the smartphone when all is said and done. Everything is up for grabs, whether text message history, contact information, email information, call history, or calendar appointments.


In the end, Pegasus can compromise an iPhone fully, and it does so in a way that lets it access information that even the phone's actual users can't find themselves. It's insane that malicious software could find data that isn't even available to the owner.


NSO and Its Courtroom Battles

At this very moment, highly paid lawyers representing NSO are claiming that Amnesty International's technical report is speculative at best; the funny part is that they didn't fight any of the report's findings or conclusions.


NSO has done an incredible job of investing tons of money and hours to make Pegasus Spyware infections and attacks almost impossible to find. Research shows that the most recent versions of these attacks will usually enter and stay in the phone for a short time, hanging out in the device's temporary memory.



Once the phone is off, it's nearly impossible to find any trace of this malicious spyware; it just disappears. This lack of evidence for researchers makes it challenging to present reporters, human rights lawyers, or politicians with the evidence needed to fight these attacks. As far as the evidence shows, they don't exist.

Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the world of tech.


