![]() The spyware can be installed on devices running certain versions of iOS, Apple's mobile operating system, as well as some Android devices. In December 2020, an Al Jazeera investigative show The Hidden is More Immense covered Pegasus and its penetration into the phones of media professionals and activists and its use by Israel to eavesdrop on both opponents and allies. Two months after the murder and dismemberment of The Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed suit in Israel against NSO Group, accusing the firm of providing the Saudi government with the surveillance software to spy on him and his friends, including Khashoggi. Several lawsuits outstanding in 2018 claimed that NSO Group helped clients operate the software and therefore participated in numerous violations of human rights initiated by its clients. It was used in Panama by former president Ricardo Martinelli from 2012 to 2014, who established the Consejo de Seguridad Pública y Defensa Nacional (National Security Council) for its use. The New York Times and The Times of Israel both reported that it appeared that the United Arab Emirates was using this spyware as early as 2013. Regarding how widespread the issue was, Lookout explained in a blog post: "We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code" and pointed out that the code shows signs of a "kernel mapping table that has values all the way back to iOS 7" (released 2013). A patch for macOS was released six days later. Citizen Lab and Lookout notified Apple's security team, which patched the flaws within ten days and released an update for iOS. Pegasus had previously come to light in a leak of records from Hacking Team, which indicated the software had been supplied to the government of Panama in 2015. The researchers noticed that the software's code referenced an NSO Group product called "Pegasus" in leaked marketing materials. The software can also collect Wi-Fi passwords. The software installs itself and collects all communications and locations of targeted iPhones. According to their analysis, the software can jailbreak an iPhone when a malicious URL is opened. Ĭitizen Lab and Lookout discovered that the link downloaded software to exploit three previously unknown and unpatched zero-day vulnerabilities in iOS. ![]() Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering. Arab human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Pegasus's iOS exploitation was identified in August 2016. The company states that it provides "authorized governments with technology that helps them combat terror and crime." NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights. NSO Group developed its first iteration of Pegasus spyware in 2011. Subsequent investigations into Pegasus by Amnesty International, Citizen Lab, and others have garnered significant media attention, most prominently in July 2021 with the release of the Pegasus Project investigation, which centered on a leaked list of 50,000 phone numbers reportedly selected for targeting by Pegasus customers. Ĭyber watchdog Citizen Lab and Lookout Security published the first public technical analyses of Pegasus in August 2016 after they captured the spyware in a failed attempt to spy on the iPhone of a human rights activist. ![]() The spyware is named after Pegasus, the winged horse of Greek mythology. ![]() While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, call snooping, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps. Īs of March 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.0.3 using a zero-click exploit. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. Pegasus is spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |