Travel Tips
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Recently our largest democratic country witnessed mass surveillance against its dissidents, with malware widely known as Pegasus sold by NSO, many activities including political and media personalities were prey for mass surveillance by the central government. Now question arises what is Pegasus? Is it illegal?
Pegasus software is a type of malware or spyware which is highly sophisticated military grade spyware developed by Niv, Shalev and Omri (NSO) group which was founded in 2010. By the way NSO argues that they only sell this malware to government authorities which was nodded by Israel Government and not to sell this any private sectors.
This Pegasus malware can install what file they want and to record all calls. Now we have a doubt on how it is working this Pegasus can root all privacy security made by operating system it can operate in iOS Android OS and oxygen OS etc. Pegasus works through multiple vectors, i.e. it can hear all calls from your device on other device.
Initial stage of this malware was in 2018-19 years. This initial version of Pegasus was spear phishing, then after in 2020 they upgraded their system into zero click installation.
According to the statement of NSO about their business is giving some sort of relief to us. Global collaborative investigation team started operation in named of project Pegasus, this team includes THE GUARDIAN from UK Amnesty International, THE WIRE from India, Forbidden Stories and so on. This collaborative investigation found such attack with help of forbidden stories which has up to 5000 mobile number of world's most respected personalities. They contacted all of them to give their mobile phone for forensic analysis, some of them nodded while some of them disagree with them. After receiving Mobile phone, they made forensic analysis on it. They concluded that most of phone was under this Pegasus attack. Also they alerted that thousands of people among the world are under the surveillance of Pegasus.
Feature and Concerns
Pegasus malware was in the news of 2019-18. But somebody ignored it, because it was at its initial stage and was using spear phishing technique. This spear phishing technique doesn't spread major concerns among peoples because it needed some manipulation skills and social engineering also. At its unit stage targeted person will receive fake phone call and convince him as Government agent, after this step they give him a link and pressure him to click upon it, by doing so malware will begin to install on his phone. This technique was handling by only competent in social engineering and is easy to escape from such trap.
By 2020 Pegasus was upgraded and used more powerful technique instead of spear phishing called as Zero click. It means some links of this malware may come into your phone via WhatsApp or Just WhatsApp call or Messenger into your device, there is no need to click on this link or accept this call.
Once they receive this link the malware is beginning to install on his or her device. By this there also shows power of security in WhatsApp. Anyway WhatsApp had complied a plea on NSO in court for stealing user data. Apparently it has also a major mistake from WhatsApp because they ensure that all calls are end to end encrypted.
After zero click updating, Pegasus has much stealth features that makes its surveillance quite strong. One of this feature is Pegasus doesn't keep any evidence on prey's device. So it is more difficult to prove on devices that this device is targeted by Pegasus. Once more it has something called as scheduled data feature. When Pegasus needs to operate in device or to download or to install some files on targeted device, it needs more data consumption, in such cases when accidental internet usage rise user must have doubt on this, to resolve such dilemma they will schedule installation of files on devices, for example when using Wi-Fi connection.
There have so many concerns regarding this kind of malware. First off all mass surveillance is major raising issue. According to NSO statement this malware is only for targeted surveillance. Any way we have some fear of misuse of this malware in near future as we witnessed more misusing in these days like Telegram is best example. NSO explanation seems that they only give this malware for those who uses this in fair way. Zero click also is a major raising issue among peoples, for its crucial interpretation on Mobile phone without any alert, as mentioned before.
What and why?
This question must need answers in this article, what does attacker gain and why they use this?
According to NSO they only give this to get as we explained before. Accidentally I remember what I read about Pegasus from Malayalam Manorama they say that it is absurd to argue that we-NSO- had access on user phone or store /collect data from phones. Because we already sold this, after this we haven't any responsibility on this, just like car business. Pegasus gains access on phone mica, storage, WhatsApp message (which is end to end encrypted), they can record calls and even talk, contact and phone logs also. They can download files to trap Person and also delete it.
Why Pegasus?
Pegasus is only used by government, in spite of its violation on fundamental rights, legally this Pegasus is lawful according to some constitution articles. Why does Government use it? According to Central Government, they use this malware to eliminate all terrorists, aware about all terrorists’ attacks and to ensure security of state. But even we take list of targeted personalities, there is no terrorists, only some media workers, and political leaders also. Are they terrorists as Government said?
Comments