Explained: NSO Group’s Explosive Pegasus Spyware

Nearly all of us have our daily lives on our cell phones. We’re dependent and connected to smartphones like never before. Tapping into a smartphone is like hacking into your brain and discovering things that are otherwise kept private.

As technology evolves, surveillance tools keep getting more innovative and discreet. The same tools that can legitimately be used for law enforcement or counterintelligence are now being covertly used against people.

Surveillance entities keep insisting they don’t use their tools for illegitimate purposes. Still, companies such as the Israeli NSO Group are global vendors for regimes, whatever stripe or colour, for surveillance tools to spy on those they deem of interest.

Edward Snowden’s surveillance revelations have exposed a warrantless world of mass surveillance, causing a global rush towards encryption. However, companies such as the NSO Group defy encryption algorithms put in place for user privacy.

The NSO Group

Named after the company’s founders, Niv, Shalev and Omri, the NSO Group is an Israeli private technology firm operating since 2010. The company makes malicious software that governments use to target your smartphones, gather data, and sell that valuable data to governments worldwide.

The NSO Group employs almost 500 people and is based in Herzliya, near Tel Aviv, Israel. The firm’s spyware called Pegasus enables remote surveillance by breaking into devices; usually, a smartphone gathers your precise location, read emails, access social media, contact details, read messages, activate a microphone, and so much more.

Recently, it has come to light that the Pegasus software created by the NSO Group has been used in premeditated attacks against human rights activists and journalists in multiple countries worldwide. From state espionage against Pakistan to playing a significant role in the murder of Saudi dissident Jamal Kashoggi, the software has received widespread criticism.

What is Pegasus?

Pegasus is spyware developed by the Israeli cyber intelligence firm NSO Group. The spyware can be covertly installed on smartphones (iOS and Android) and other internet-enabled devices.

The name of the spyware is inspired by the mythical winged horse Pegasus. The Trojan horse can be deployed to infect devices by conveniently flying through the air.

Pegasus is perhaps the most powerful spyware tool ever developed by a private company. Once it navigates its way onto your smartphone, it is capable of turning your smartphone into 24-hour surveillance without you ever finding out about the active spyware running in the background.

When Was Pegasus Spyware Discovered?

Security researchers discovered Pegasus in August 2016. The spyware was exposed on an iOS device of an Arab human rights defender Ahmed Mansoor. He received a text message guaranteeing “secrets” about the ongoing torture in prisons in the United Arab Emirates. The message only required you to click the attached link to reveal the supposed secrets.

Mansoor was smart enough not to click the link and sent it over to Citizen Lab. With the collaboration of Lookout, the investigation revealed that if Mansoor had clicked the link, his iPhone would have been jailbroken, and the spyware would have downloaded itself in the background. Citizen Lab linked the attack to the NSO Group.

Although the Pegasus spyware has only recently come to light, The New York Times and The Times of Israel reported that the United Arab Emirates was using this spyware as early as 2013.

What is Pegasus Capable Of?

Pegasus can read text messages, track calls, collect passwords, location tracking, access the target device’s microphone and camera, and gather additional information from apps on a user’s device.

The initial version of Pegasus infected smartphones and devices via a spear-phishing text message or an email. The message or the email would trick a target into clicking a malicious link which would install the spyware and begin spying on the user.

Since then, NSO’s attack capabilities have significantly advanced. Pegasus infections can be achieved via “zero-click” attacks, which do not require any human interaction to infect the device.

How Does Pegasus Work?

The spyware exploits undiscovered vulnerabilities, or bugs, in Android and iOS software. The spyware doesn’t target a specific exploit but rather a suite of exploits to infiltrate a device and activate itself.

Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings, as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.

Edward Snowden on Pegasus Spyware

Edward Snowden claims that surveillance companies operating around the globe have created an industry that should not exist. Here’s more on his reactions to the Pegasus spyware:

Pegasus Found on Jamal Khashoggi’s Fiancée’s Phone

Jamal Khashoggi was a Saudi Arabian journalist, dissident, author and columnist for The Washington Post. He was brutally assassinated at the Saudi consulate in Istanbul on October 2nd, 2018. His assassination has raised serious questions regarding the involvement of notable personnel in the Kingdom.

Washington Post reporter Dana Priest is working on the collaboration, known as “The Pegasus Project.” She travelled to Turkey to verify if Pegasus had been used to surveil Khashoggi’s fiancée, Hatice Cengiz.

NSO’s Stance

The NSO Group has responded to the recent revelations with the following statement:

In light of the recent planned and well-orchestrated media campaign lead by Forbidden Stories and pushed by special interest groups, and due to the complete disregard of the facts, NSO is announcing it will no longer be responding to media inquiries on this matter, and it will not play along with the vicious and slanderous campaign.

NSO argues that the recent uproar over its Pegasus spyware is being blown way out of proportion and that the media is completely fabricating the facts. The company maintains its position that it’s a technology company and does not operate the system nor has access to customers’ data.

The company further stated:

NSO will continue its mission of saving lives, helping governments around the world prevent terror attacks, break up paedophilia, sex, and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones.

Mindful of the Pegasus spyware case, the French President, Emmanuel Macron, has changed his mobile phone and phone number. The presidency official said this does not mean that Macron has been spied on as it’s just an additional security measure.

How to Stay Secure from the Pegasus Spyware?

While ordinary people won’t be targeted by something as sophisticated as Pegasus, it’s only a matter of time an ordinary individual becomes a person of interest.

There are several ways to improve your online security on your smartphone and keep your online activities private:

•       How to Stop Someone From Spying On Your Cell Phone
•       What is Social Engineering? Attacks Examples And Prevention Tips
•       What is Tor? Is it Safe to Use?
•       10 Online and Mobile Security Tips to Keep You Protected

 This is a developing story. We will keep updating it as more is revealed about The Pegasus Project.