I spy - the Pegasus pry!
That your phone can be the most vulnerable thing has been proved beyond doubt by the Pegasus affair
The media is abuzz about Pegasus, the spyware created by the NSO group - an Israeli cyber intelligence firm. And with good reason. It was revealed the software was allegedly used to invade phones of several prominent Indian politicians, journalists and business people among 50,000 others worldwide, seriously compromising the issue of personal privacy. Here’s breaking down the startling news and its implications.
What is Pegasus?
The spyware is essentially a surveillance software that accesses people’s phones without their consent. It can acquire personal, often sensitive information and share with those deploying the software.
Pegasus can read messages and emails, tap calls, take screenshots, note keypad strokes, and access browser history. The camera and microphone of the infected device can be compromised as well and used as a surveillance tool to capture and record a person’s activities.
While the NSO group maintains that it can only be purchased by law enforcement and government authorities with the sole objective of saving lives by preventing crimes and acts of terror, the list of those whose phones were hacked doesn’t quite match up with this defence.
How does spyware infect your mobile device?
Previously, the mobile user had to click a link sent via SMS. One click would grant the spyware and its user complete access to the device. However, as people became more aware of these tactics, Zero-click attacks were discovered. This means that the spyware can take control of a device without any interaction with the malicious data shared.
Zero-click attacks rely on apps like iMessage, WhatsApp, and FaceTime that can receive all kinds of data, even from unknown sources. Through bugs in these popular apps, a tool like Pegasus can hijack any phone, be it Android or iOS.
How to protect your privacy?
To protect your phone from possible surveillance ensure that operating systems are updated, as they will include patches for the vulnerabilities that have been exposed. Additionally download apps only from official app stores. You can also avoid using apps and stick to a browser to check emails and social media, it’s inconvenient but effective.
Researchers at Amnesty International have created a Mobile Verification Toolkit (MVT) that can check whether your phone has been infected with Pegasus or any other potential security threats. It is available for both iOS and Android users and can be accessed through GitHub. To install the toolkit, you will need to install a Python package available on the MVT's website. You can find instructions for installing the toolkit on the website itself.
It’s time for a change
The concerns over privacy, not just of prominent officials but every citizen are mounting. And our phones are such an inherent part of our lives, the need for stringent data protection laws has never been graver. We have the right to privacy and it’s time we became more aware of how to protect it ourselves while becoming advocates for strict laws that will allow every citizen to use their phones without fear.
At Doosra we do our bit to bat for every person’s right to privacy and the right to not be disturbed. This is done by taking out their prime number out of the hands of spammers, stalkers and snoopers. Check out just how at www.doosra.com and take the first step towards protecting your privacy.