Israeli spyware 'Pegasus’ has once again made headlines after major media outlets released the list of its potential targets consisting of India’s hundreds of journalists, activists, opposition politicians, government officials and business executives.
The spyware developed by the Tel Aviv, Israel based cyber intelligence and security firm NSO Group is the most advanced among all such snoop ware available in the market. It is also known by other names like Q Suite and Trident.
The spyware was created to hack computers and smartphones in order to collect data and deliver it to a third party. It is malicious since it collects data without the person's permission.
However, NSO Group states that their goal was to "create best-in-class technologies to assist government agencies in detecting and preventing terrorism and crime."
With the spyware constantly making headlines for hacking data of major government/ private officials, questions that raise are- Is your mobile phone and Whatsapp can be hacked by using Pegasus spyware? If yes, then how to avoid it?
How does Pegasus work?
Hackers that use Pegasus exploit software loopholes and security bugs to instal malware on targets' phones.
The first version of Pegasus detected in 2016 used a technique known as "spear phishing" to get access to phones. The spyware user would send a text message or an email to the target device using this method, then it would download on the device once the receiver clicked a link in the email or message, and begin transmitting information to the attacker.
Pegasus in 2021 is a considerably more advanced version of Pegasus in 2016, and it can now carry out a so-called "zero-click" attack, which means it can enter a phone with almost no action from the target.
The malware can be deployed simply by a missed call. It even deletes the call log record once penetrated, leaving no trace on the device.
What can Pegasus do?
Pegasus, the most advanced" hacking tool, is so undetectable that a phone user would not even realise their device has been hacked.
Apart from data theft, Pegasus may erase all information from the host device, including caller logs, calendar events, and so on, ensuring that the target person's data is stolen without their knowledge.
Can the spyware read Whatsapp messages?
Despite, Whatsapp’s end-to-end encryption the hacker can read your chats. End-to-end encryption means that after the message is typed out and sent and before it is read on the receiver’s phone, it is scrambled in a way that anybody who intercepts the data would not be able to read it.
But, such encryption is useful against “man-in-the-middle” attacks, not “against ‘endpoint’ attacks, which target either end of the communication”.
Because the Pegasus spyware has access to the tech on the target's device that decrypts the encryption and makes it accessible for the target, it can read the WhatsApp message.
How to prevent your phone from getting hacked by Pegasus?
- Although this snoop ware is extremely advanced, many firms have implemented high-level app and phone protection.
- The odds of your phone being hacked are lower if you use the latest versions of the apps on your iPhone or Android.
- Check the security of your social media account on a regular basis and take the required precautions.
- Do not click on any suspicious messages or links that you come across.