It’s Zero-click! Pegasus Attacks Don’t Need Human Action | Hacker Noon

@maxiiJaydev Joshi

Lerner | Infosec | OSINT

Spyware is any malicious software designed to enter your device, gather your data, and forward it to a third party without your consent.

What is Pegasus?

Pegasus spyware was created by the Israel-based surveillance technology company NSO Group Technologies.

It isn’t just another piece of spyware that you can find on Google. It infiltrates your device and installs itself, which makes it one of the most sophisticated and advanced spyware tools.

NSO does not provide any information about its clients. But according to its website, its products are used exclusively by intelligence and law enforcement agencies to fight crime and terror. Some high-profile cases have been solved with this spyware.

Why is Pegasus in the news?

Pegasus spyware has allegedly been used to secretly monitor and spy on many public figures worldwide.

Journalists are raising their voices against Pegasus. The Pegasus Project is a ground-breaking collaboration by more than 80 journalists from 17 media organizations in 10 countries, coordinated by Forbidden Stories with the technical support of Amnesty International’s Security Lab. Approximately 50K users, including heads of state, activists, diplomats, and journalists, have been targeted and spied on with the Pegasus spyware across the globe.

NSO Group’s spyware has been used to facilitate human rights violations around the world on a massive scale.

“From the leaked data and their investigations, Forbidden Stories and its media partners identified potential NSO clients in 11 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates (UAE).” (source)

Why is it hard to trace?

Pegasus is the most sophisticated attack to date. The spyware is capable of self-destruction if it is detected, so no trace is left that the device was affected by Pegasus.

Generally, there are some indicators when any type of hacking software is installed on your device, such as battery consumption, slow performance, increased data usage, unusual behavior, heating problems, etc. But in the case of Pegasus, there is nothing. There’s no trace that your phone is infected. It works silently, whether or not you are concerned about it.

If it has not connected to the command-and-control server for 60 days, or it thinks it has been installed on the wrong device, it destroys itself.

Zero-click attacks are hard to detect and prevent. To stay on the safe side, users should run the latest version of their OS, keep their applications updated, and download them from trusted sources.

How is this spyware installed on your phone?

This type of malware works on a traditional phishing technique. You’ll get a link on social media, in your personal email, or in a text message. Once you click it, the malware is installed on your device.

Pegasus spyware works on a zero-click vulnerability, which means it can be installed directly on a user’s device without human interaction. So users do not even know that they are being attacked.

According to a Kaspersky report, after scanning the target’s device, it installs the necessary modules. Since these modules have root privileges, they can access all your messages and mail, calls, and contacts, capture screenshots, exfiltrate browser history, and even listen to encrypted audio streams and read encrypted messages. It can spy on every aspect of the target’s device.

How to keep yourself safe from Pegasus?

So far, no patch has been found that prevents this spyware. Still, you can follow some of these steps to minimize the risk.

  • Download from authorized sources.
  • Stay away from unofficial app stores.
  • Be cautious about granting permissions to apps.
  • Avoid email links and attachments when possible.
  • Avoid using public WiFi.
  • Update your apps and software immediately when security patches are released.

Find out more information on Pegasus here:

  • Citizen Lab Report
  • Forbidden Stories
  • The Print Report
  • Kaspersky Report
  • Amnesty Lab Report