Is my phone at risk from Pegasus spyware?

Is my phone at risk from Pegasus spyware?

Points Highlighted:

  • Among the reported targets of the spyware are journalists, politicians, government officials, chief executives and human rights activists.

  • From a list of more 50,000 phone numbers, journalists identified more than 1,000 people in 50 countries reportedly under surveillance using the Pegasus spyware. The software was developed by the Israeli company NSO Group and sold to government clients.

Reports thus far allude to a surveillance effort reminiscent of an Orwellian nightmare, in which the spyware can capture keystrokes, intercept communications, track the device and use the camera and microphone to spy on the user.

The aim is to seize full control of the mobile device’s operating system, either by rooting (on Android devices) or jailbreaking (on Apple iOS devices).

Al Jazeera newsroom
Journalists working for Al Jazeera were reportedly among those targeted by NSO’s government clients. (Supplied: Al Jazeera)
How did they do it?
There’s nothing particularly complicated about how the Pegasus spyware infects the phones of victims. The initial hack can involve a crafted SMS or iMessage that provides a link to a website. If clicked, this link delivers malicious software that compromises the device.

The Pegasus hacking story explained
French President Emmanuel Macron wears a dark suit and gestures.
The French President is among world leaders whose phone numbers have appeared in a leaked database of potential hacking targets. Here’s what we know.

Read more
Usually, rooting on an Android device is done by the user to install applications and games from non-supported app stores, or re-enable a functionality that was disabled by the manufacturer.

Similarly, a jailbreak can be deployed on Apple devices to allow the installation of apps not available on the Apple App Store, or to unlock the phone for use on alternative cellular networks. Many jailbreak approaches require the phone to be connected to a computer each time it’s turned on (referred to as a “tethered jailbreak”).

Rooting and jailbreaking both remove the security controls embedded in Android or iOS operating systems. They are typically a combination of configuration changes and a “hack” of core elements of the operating system to run modified code. In the case of spyware, once a device is unlocked, the perpetrator can deploy further software to secure remote access to the device’s data and functions. This user is likely to remain completely unaware.

Most media reports on Pegasus relate to the compromise of Apple devices. The spyware infects Android devices too, but isn’t as effective as it relies on a rooting technique that isn’t 100 per cent reliable. When the initial infection attempt fails, the spyware supposedly prompts the user to grant relevant permissions so it can be deployed effectively. But aren’t Apple devices more secure?
Apple devices are generally considered more secure than their Android equivalents, but neither type of device is 100 per cent secure.

Apple applies a high level of control to the code of its operating system, as well as apps offered through its app store. This creates a closed-system often referred to as “security by obscurity”. Apple also exercises complete control over when updates are rolled out, which are then quickly adopted by users. Apple devices are frequently updated to the latest iOS version via automatic patch installation. This helps improve security and also increases the value of finding a workable compromise to the latest iOS version, as the new one will be used on a large proportion of devices globally.

On the other hand, Android devices are based on open-source concepts, so hardware manufacturers can adapt the operating system to add additional features or optimise performance. We typically see a large number of Android devices running a variety of versions — inevitably resulting in some unpatched and insecure devices (which is advantageous for cybercriminals). Ultimately, both platforms are vulnerable to compromise. The key factors are convenience and motivation. While developing an iOS malware tool requires greater investment in time, effort and money, having many devices running an identical environment means there is a greater chance of success at a significant scale.

While many Android devices will likely be vulnerable to compromise, the diversity of hardware and software makes it more difficult to deploy a single malicious tool to a wide user base. How can I tell if I’m being monitored?
While the leak of more than 50,000 allegedly monitored phone numbers seems like a lot, it’s unlikely the Pegasus spyware has been used to monitor anyone who isn’t publicly prominent or politically active.

The Techgadgetguides is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com Inc.
We will be happy to hear your thoughts

Leave a reply

Tech Reviews and Guides | TGG
Logo