Pegasus Spyware

Context:

  • The story so far: On January 28, the New York Times published an article extensively detailing how Pegasus, a spyware developed by Israel-based NSO Group, has been used as a tool to firm up Israel’s interests across the globe.
  • The investigative article said that Israel got countries that had historically been against it on the Palestine issue to switch sides by offering this powerful spyware that can be deployed not only against drug traffickers and terrorists, but also against opposition activists and prying journalists.
  • The tool is cited as one of the reasons why the Abraham accords between Israel and its neighbouring Arab countries fell into place and won the blessing of Saudi Arabia.

About:

  • The Pegasus spyware can not only mop up information stored on phones such as photos and contacts, but also activate a phone’s cameras and microphones to turn it into a spying device without the owner’s knowledge.
  • It was reportedly used to entrap and murder Jamal Khashoggi, a critic of the Saudi Arabian Crown Prince Mohammed Bin Salman.
  • As per the NYT article, it was used by UAE and Mexico and others against government critics alongside drug traffickers.
  • The U.S.’s FBI also reportedly tested it out, though it was not deployed in the country.
  • The earliest avatars of Pegasus used spear phishing to enter phones, utilizing a message designed to entice the target to click on a malicious link.
  • However, it evolved into “zero-click” attacks with the phones being infected without any action from the target individual.
  • In 2019, WhatsApp released a statement saying that Pegasus could enter phones via calls made on the platform, even if they were not attended.
  • Pegasus used several such “exploits”, or weaknesses, to enter Android and Apple phones; and many of these exploits were reportedly “zero day”, which means even the device manufacturers were unaware of these weaknesses.
  • Pegasus can also be delivered over the air from a nearby wireless transmitter, or manually inserted if the target phone is physically available.
  • Once inside the phone, Pegasus seeks “root privileges”, a high level of control over the phone that enables the spyware to establish communications with its controllers through an anonymized network of internet addresses and servers. It can then start transmitting any data stored on the phone to its command-and-control centres.

How does it matter to India?

  • Reports that appeared in July 2021 from the Pegasus Project, which includes The Wire in India, The Guardian in the U.K., and The Washington Post in the U.S., said that in India, at least 40 journalists, Cabinet Ministers, and holders of constitutional positions were possibly subjected to surveillance using Pegasus.
  • The reports were based on a database of about 50,000 phone numbers accessed by the Paris-based non-profit Forbidden Stories and Amnesty International.

Source: THE HINDU.

Leave a Comment