What we know about the recent global impact of the spyware “Pegasus”
Pegasus is spyware developed by the NSO Group. It is considered the latest in modern surveillance and espionage methods, with an advanced system for spying operations whose purpose is to steal any type of information from victims' devices.
Because the NSO Group markets this software as being solely for preventing harmful attacks and monitoring suspected individuals, it is able to sell it to many security agencies and foreign governments that want to use this type of program. However, many leaks and documents have confirmed that some governments have already used Pegasus to spy on many unsuspecting individuals without any logical justification. The spying reached presidents and political officials from various countries and states.
How Does Pegasus Infect Users’ Devices?
In fact, Pegasus programs are malicious, complex, and advanced to the extent that they may use more than one method to infect targeted devices. One of these methods is through malicious links, so once the victim clicks on this link, the Pegasus program is automatically downloaded to the device without the victim’s knowledge and starts working in the background. This link may be sent in a message on WhatsApp, a text message, an email, or any other familiar means of communication.
The second method relies on a software error or vulnerability in phone operating systems (Android and iOS) that has not been addressed by security researchers at Google or Apple. By exploiting this vulnerability, the Pegasus software is planted in the phone as soon as the recipient answers a call coming through the “WhatsApp” application. Fortunately, WhatsApp worked to address this vulnerability in a short period and was able to disable it. However, for the iOS system, the software can exploit the same vulnerability to embed spyware through the iMessage direct messaging service and then Pegasus programs can access many devices, penetrate their security, and steal any type of information from the iPhone.
What Are the Objectives of Pegasus Programs?
News sources, through research conducted on this type of virus, state that the amount of data that Pegasus programs can collect from victims is massive, thanks to their ability to access permissions that the actual user cannot access, such as Root permissions in Android phones. In this way, these programs, once installed on the phone, can collect any type of confidential data and perform many tasks that the user himself cannot do.
However, in reality, the harmful Pegasus programs are capable of doing much more than just monitoring and collecting message data from the victims. For example, they can also monitor and record all the target’s calls, collect a complete copy of all the target’s contacts, copy all the photos in the phone’s gallery, and activate some phone features without the user’s knowledge, such as the camera and microphone to start recording all conversations and monitor the target’s movements without their knowledge.
Despite all this, there are no official documents or evidence showing exactly what types of data Pegasus programs can collect until now. However, all sources confirm that the amount of information is large compared to any other spy program.
Which Platforms and Devices Does Pegasus Target?
Pegasus's main targets are Android and iOS phones, but some sources confirm its ability to create vulnerabilities even in Symbian and BlackBerry phones and old smartphone operating systems. Reports by Amnesty International have shown that iOS is vulnerable to being hacked by Pegasus through malicious links, after which it is able to spread throughout the system. It is worth mentioning that this method does not require any manual interaction from the victim, and a researcher explained on Twitter that all iPhones running modern versions of iOS, such as iOS 14.3, are vulnerable to exploitation by Pegasus through iMessage.
Is There Real Danger from Pegasus Programs?
According to reports published in some news outlets and research conducted by The Washington Post, Pegasus programs have been used in more than 37 cases to spy on victims' phones. The source mentioned that among these victims were a group of heads of state, the French president Emmanuel Macron, the Egyptian prime minister, journalists, human rights activists, businesspeople, and two women close to the murdered Saudi journalist Jamal Khashoggi.
Let's remember here the real goals of Pegasus programs, which are to monitor political activists, prominent figures, and community icons, learn information about their personal lives, and send this information to the Israeli surveillance company. This does not mean that your device is completely secure and able to withstand this type of spying software. However, reports indicate that it is very rare for ordinary consumer phones to be affected by it, as so far there has been no Pegasus activity except the monitoring of prominent individuals for governments' national security reasons or perhaps for other unknown reasons.
Unfortunately, Pegasus programs are highly complex and can hide from most antivirus programs and tools, but this does not mean that there is no way to scan the phone and search for it. For example, there is a tool called the “Mobile Verification Toolkit” capable of scanning the phone, whether it is an Android or iOS phone, searching for any security vulnerabilities, including Pegasus programs. This tool works by taking a full backup of the phone data and then scanning it for any security vulnerabilities or hacking operations used by the Israeli NSO company. It also scans all phone messages and conversations to search for any links that ultimately lead to NSO servers.
Unfortunately, the MVT tool is currently very difficult to use, as it relies on a set of file structures and command-line terminals that require expertise only available to application developers. If you are able and find yourself qualified to use it, you can download it from GitHub, experiment with how it works, and scan your phone with it.
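The last check described above, looking through messages for links that lead to known servers, comes down to matching link hostnames against a list of indicator domains. A minimal sketch of that idea, added here as an illustration and not taken from MVT's code; the domains, phone numbers and messages are constructed placeholders:

```python
import re
from urllib.parse import urlsplit

# Constructed indicator domains (reserved ".example" names) standing in for a
# published indicator list; they are not real infrastructure.
INDICATOR_DOMAINS = {"update-check.example", "cdn.free-gifts.example"}

# Constructed message export: (sender, body) pairs.
MESSAGES = [
    ("+10000000001", "Your parcel is waiting: https://track.update-check.example/p?id=7"),
    ("+10000000002", "Lunch tomorrow? Menu at https://cafe.example/menu"),
    ("+10000000003", "Claim now HTTP://CDN.Free-Gifts.Example./win"),
    ("+10000000004", "See https://notupdate-check.example/ for details"),
]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def host_of(url):
    """Return the hostname in lower case, without a trailing root dot."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def matches_indicator(host, indicators=INDICATOR_DOMAINS):
    """Return the indicator that equals the host or is a parent domain of it.

    Comparison is done on whole DNS labels, so "notupdate-check.example"
    does not match the indicator "update-check.example".
    """
    labels = host.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in indicators:
            return candidate
    return None

def scan_messages(messages, indicators=INDICATOR_DOMAINS):
    """Return (sender, url, indicator) for every link that hits the list."""
    hits = []
    for sender, body in messages:
        for url in URL_RE.findall(body):
            indicator = matches_indicator(host_of(url), indicators)
            if indicator:
                hits.append((sender, url, indicator))
    return hits

if __name__ == "__main__":
    for sender, url, indicator in scan_messages(MESSAGES):
        print(f"{sender}: {url} matches indicator {indicator}")
```

A hit only shows that a listed link was received, not that it was opened or that the phone was compromised.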
Can Pegasus Spyware Be Eliminated?
You will not be able to get rid of Pegasus programs easily; in fact, no one can. However, if you suspect that your phone may already be hacked by Pegasus, the only safe way to protect your data is to reset your phone to factory settings, but even this method may not be 100% effective in getting rid of this octopus.
Several cybersecurity experts emphasize the necessity of getting rid of the phone completely if you suspect that it is infected with Pegasus. However, you can at least temporarily secure yourself by updating your phone to the latest operating system version, updating all the applications you use, and changing all the passwords of your personal online accounts.
How to Protect Yourself from This Type of Virus?
As mentioned in the introduction, you can take precautions and necessary measures to protect yourself against this dangerous type of virus, and the first correct step is to update the operating system and all applications used on your mobile phone. Updating the operating system is necessary because it keeps the system strong, makes it aware of emerging risks and threats, and prepares it to deal with them and close the loopholes that lead to them. At the same time, application developers are always updating their applications against new security vulnerabilities, so it is essential that you update all your applications to the latest available versions.
The second step is the necessity of relying on strong antivirus protection against malicious programs. Although Google or Apple’s protection for smartphones may be sufficient in most cases, there is no harm in relying on powerful antivirus programs to add an additional security layer to the phone against any new or potential threats.
The third step is the necessity of not clicking on any links received through email messages because this is the ideal method used by Pegasus programs to penetrate devices. However, if a friend sends you a link, you must make sure that your friend is indeed the one who sent you this link, know exactly what its purpose is, and to what end this link will lead you.
At the same time, there is no harm in monitoring the permissions you allow on your phone for all your used applications. If you notice that any application uses permissions that are not related to its main features, it is better to disable these permissions or delete the application and look for a safer and more reliable alternative.
If you are lucky enough to experience the trial version of Android 12, you already have the Privacy Dashboard feature that will show you all the permissions used on your phone over the past twenty-four hours. However, if you are still using an old Android version, you can try the “Privacy Dashboard” application, a free app developed by an Indian developer that works exactly like the Privacy Dashboard feature in Android 12.
Does Using a VPN Protect You from Pegasus?
The answer is no, because Pegasus programs do not depend on your geographic location but on how you use the Internet. Regardless of where you connect from and whether the connection is encrypted through IP spoofing, Pegasus can easily copy all the information in your phone's memory and send it to the source. However, if you want to be safe, you should simply be cautious about the sites you visit.
Should You Change Your Phone Number If You Have Been Attacked by Pegasus?
This step is very positive if you notice that your phone is already infected with Pegasus programs, but it is not the typical way to get rid of Pegasus. Instead, you should replace your phone completely to be safe – at least that’s what cybersecurity experts say about Pegasus at the moment.
Why Couldn’t WhatsApp Counteract the Pegasus Attack?
Simply because the WhatsApp application relies on end-to-end encryption, meaning the encryption process starts exactly when the message is received from the other party or the message is sent to the other party. In other words, Pegasus relies on attacking the endpoint to steal personal data before the message reaches the other party or before the other party receives it.