Pegasus is spyware developed by the Israeli cyber arms firm NSO Group that can be covertly installed on mobile phones running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to iOS 14.6.
NSO Group was previously owned by American private equity firm Francisco Partners. However, it was bought back by its founders in 2019. The company states that it provides “authorized governments with technology that helps them combat terror and crime.” NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.
According to information security specialists, at least 50 thousand devices have been infected around the world with this spyware. Pegasus is very dangerous as it allows to take full control of the smartphone, secretly read correspondence, wiretap phone conversations, view photos and videos.
The worst part is that the popular antiviruses cannot detect Pegasus since this malware exploits zero-day vulnerabilities that are unknown to the developers of operating systems and antivirus applications.
A phone infected with the Pegasus spyware can provide an uncomfortably detailed look into a victim’s life. Clients that use it can collect location data, call logs, and contacts. The phone’s camera and microphone can also be highjacked to monitor the victim. Pegasus is frighteningly easy to install and infects phones by either tricking an individual into clicking a link or activating itself without any clicks at all.
The human rights organization Amnesty International has developed a utility that allows one to identify this malware. It is called MVT (Mobile Verification Toolkit), and its source code is available on GitHub. The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS.
The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if information from his device could be compromised and transferred to third parties.
The ‘Pegasus Project’, a global consortium of 17 media organizations including Indian news, suggests that India is among the 45 countries using a malware developed by the Israel-based NSO group.