Pegasus spying: how Pegasus is installed on phone, what it does, and how to get rid of it

Pegasus spyware, developed by NSO, can infect a phone via a website link or a WhatsApp call. Pegasus has been referred to as the most sophisticated smartphone attack ever.

(Image courtesy: Reuters)
Story highlights
  • Pegasus can be installed on vulnerable phones through a web link or a missed call.
  • The spyware can steal passwords, contacts, text messages, and photos.
  • The only way to avoid Pegasus after it has infected a phone is by getting rid of the phone.

Pegasus, developed by Israeli cybersecurity firm NSO Group, is a highly sophisticated spyware that has been referred to as the "most sophisticated smartphone attack ever". It was first noticed in 2016 but created a lot of buzz in late 2019 when it was revealed that the spyware was used for snooping on journalists and human rights activists across the globe, including in India.

Now it is in the news because on Sunday evening a number of news websites, including the Washington Post and the Guardian, claimed that over 10 governments are using this spyware to spy on journalists, activists and other key media personalities. In India, according to the reports, over 40 journalists were under surveillance using Pegasus.

How is Pegasus installed on a phone?

Pegasus was initially used to gain access to a phone through a malicious web link sent in a message or email. Once a user clicked on the link, Pegasus would be installed on the phone. But then the spyware also gained some new abilities. Researchers found that it could even be installed on the phone with just a missed WhatsApp call.

Moreover, once Pegasus had access to the device, it could delete any call logs, thus making it virtually impossible for the victim to know that their phone had been targeted by the spyware.

What can Pegasus do?

According to cyber security researchers, following its installation, Pegasus contacts control servers that enable it to relay commands and gather information from the infected device. Stealing passwords, contacts and text messages, accessing the phone's camera, microphone and GPS, and collecting other information, along with voice or video calls made through WhatsApp, are well within its capabilities.

According to the Citizen Lab at the University of Toronto, "This malware is designed to evade forensic analysis, avoid detection by anti-virus software, and can be deactivated and removed by operators remotely."

Kaspersky researchers called it a tool for total surveillance. They wrote in 2017: "Pegasus is modular malware. After scanning the target's device, it installs the necessary modules to read the user's messages and mail, listen to calls, capture screenshots, log pressed keys, exfiltrate browser history, contacts, and so on and so forth. Basically, it can spy on every aspect of the target's life."

How to get rid of Pegasus?

Several cybersecurity analysts and experts have pointed out that the only way to get completely rid of Pegasus is to discard the phone that has been affected. According to Citizen Lab, even factory resetting your smartphone will not be useful as it cannot get rid of the spyware completely.

The attackers can continue to access your online accounts even after your device is no longer infected. Thus, the only way to get rid of Pegasus completely is to discard the phone and to ensure that all the apps which you reinstall on your new phone are up to date.

In order to ensure your online accounts are safe, you should also change the passwords of all the cloud-based applications and services that you were using on the infected device.

Should you worry about Pegasus?

Not really. There are two reasons for that. You should, however, worry about digital privacy, as you always should.

One, Pegasus is old spyware now. It has been well-researched, and companies like WhatsApp, Apple, Google, Microsoft and others have patched the security loopholes in their software that earlier allowed Pegasus to do its work. Unfortunately, though, this doesn't mean there are no new variants of Pegasus out there. It is possible that new variants of Pegasus or some similar spyware are still potent.

But you should still not worry because Pegasus, or something like Pegasus, is a targeted surveillance tool. It is expensive to purchase (think millions of dollars) and requires sophisticated handling, and hence is likely to be used only by big organisations and governments. At any given point in time, these tools are supposed to be used only against hundreds or thousands of people. Or even fewer. In other words, Pegasus-like software is primarily used against journalists, lawyers, top business leaders, politicians, and people who are likely to have access to top-secret information. If you are not one of them, chances are you or your phone will not encounter something like Pegasus.

Published on: Jul 18, 2021, 10:35 PM IST
Posted by: BT Siteadmin, Jul 18, 2021, 10:33 PM IST