Pegasus: All you need to know

We are not talking about the winged divine horse of Greek mythology, but about the spyware created by the Israeli cyberarms firm NSO Group, reportedly used to spy on Indians.

The spyware was discovered in August 2016 after an unsuccessful attempt to install it on an iOS device belonging to human rights activist Ahmed Mansoor. That attempt led to an investigation that revealed details about the spyware, its capabilities, and the security vulnerabilities it exploited.

How does it hack the phones?

Pegasus was initially thought to infect only iOS, but it was later discovered that it could infiltrate both iOS and Android devices. The spyware can compromise a mobile device without any overt signs or signals. It is sophisticated software with anti-forensic and self-destruct features, which make it difficult to detect. Even if it is uninstalled later, it leaves no traces, making it seem as if the device was never attacked.

The program is introduced onto a device when a malicious link is opened; follow security experts’ advice and do not click on unknown links.

Additionally, it can be installed on the target’s phone through a simple missed video call on WhatsApp, after which it modifies the call logs so that the user remains unaware of the missed call.

What does the spyware do? 

Once installed, the malware runs arbitrary code to extract contacts, call logs, messages, photos, web browsing history, and settings, and to steal passwords. It accesses the phone’s camera, microphone, video and voice call information, and GPS, and it also gathers information from apps including Gmail, Facebook, WhatsApp, Telegram, and Skype. In other words, it snoops on every aspect of the victim’s life.

According to the Citizen Lab at the University of Toronto, "This malware is designed to evade forensic analysis, avoid detection by anti-virus software, and can be deactivated and removed by operators remotely."

What to do when infected with Pegasus? 

According to many experts and analysts, the only way to get rid of the spyware completely is to get a new device, that is, to get rid of the old one as soon as possible.

Make sure that all the apps installed on the new device are up to date and running their latest versions.

Citizen Lab has reported that even a factory data reset is not able to get rid of the malware. It continues to let the attacker access the victim’s online accounts even after the device is malware-free.

To protect your online accounts, change the passwords of all the cloud-based applications and services that were previously used on the infected phone.

Is the malware a worry to all?

As already stated, this spyware is quite sophisticated, and not everybody needs to worry, because Pegasus is a targeted surveillance tool. It is very expensive (millions of dollars) and requires expert handling, so it is most likely to be used only by big organisations and governments. In other words, target-specific software like Pegasus is generally used against journalists, lawyers, top business leaders, politicians, and people who might have access to top-secret information.

If you don’t belong to this crowd, chances are you or your phone will not come across this malware.