This information was obtained from Forbidden Stories and Amnesty International, a non-profit organization based in Paris. 50 thousand numbers It may have been invaded by “malware” created by an Israeli company NSO team e Sold to government agencies.
The program is a tool that can operate the cell phone’s camera and microphone, as well as access data from the device and turn it into a pocket spy.
Pegasus is a program created by the NSO group, an Israeli cyber security company, whose function is to break cell phones to spy on people. Software for this purpose is called malware.
He is a Sold to government agencies It is considered to be one of the most complete and advanced spy programs available for mobile phones and can attack devices running Android, Google and iOS operating systems used on iPhones.
Is said to have been Customers of this company who decided which smartphones will be hacked.
The use of this type of software by governments is done in secret and human rights organizations point out potential abuses in the reports. Companies that develop such solutions operate in an unrestricted space.
The NSO group, for example, claims that Pegasus is only sold to government agencies recognized by Israel and that it is only used to pursue terrorists and major criminals. In addition, the company claims that it cannot access the data of its customers.
Pegasus is capable Spying on cell phone, tracking SMS, voice and video communications and collecting GPS location information.
Even malware Read contents of WhatsApp, Signal and other encrypted messaging applications, Wiping technology and allowing only the sender and recipient to access the content.
This is possible because the software “records” the content that appears on the screen. Encryption prevents the interruption of the message, which is not the algorithm used by the NSO.
After hacking into a cell phone, Pegasus turns the device into a 24-hour surveillance device without the user noticing.
How can it be installed?
Be common Sent messages via SMS or apps with a link that convinced the victim to “activate” the malware. News is often personalized with themes of interest to the goal to increase the chances of success.
However, by sending a message, the company has developed methods to activate the malware without any user action. These invasions are called “Zero Click”.
Pegasus was Designed to avoid iPhone and Android phone security And leave small traces of his attack. Because it is so sophisticated, there are no known solutions to protect or prevent an attack.
According to a consortium of newspapers that hacked thousands of devices, Amnesty International’s security lab examined 67 smartphones suspected of being attacked. Of these, 23 have been successfully injured and 14 have shown signs of attempted attack.
Amnesty shared details of its forensic analysis with Citizen Lab, a digital security research team at the University of Toronto in Canada, which confirmed the evidence of the attack.
How does it extract this information?
Pegasus uses security holes in operating systems or applications installed on mobile phones.
On devices that are older or no longer receiving updates, these vulnerabilities are common knowledge.
For newer phones that receive more updates, the flaws used to avoid screen lock are kept secret by the NSO Group. As a result, the manufacturer is unable to fix the problem and close the holes that allow unauthorized opening.
Is this the first known use of Pegasus?
No. Pegasus is known to have been used Break the cell phone of Amazon founder Jeff Bezos, In 2020. It is suspected that the spy program was installed on Bezos’ iPhone via a video sent by WhatsApp.
Amnesty International has condemned attacks on activists and journalists by Pegasus for at least 3 years. According to the 2018 Citizen Lab report, there were indications that the program was used in 45 countries, Among them is Brazil.
The amount of news attacks this weekend and the number of hacked phones – At this time, there are no signs of devices being targeted in Brazil.
Does the NSO team only produce such software?
No. There are other companies that are developing plans to bypass security measures for Android phones and iPhones used by government agencies. However, the motives are different.
One of them was Cellpride, a company founded in Israel, which gained prominence Investigations into the case of boy Henry Boral. The company is developing a set of services that allow devices to open and recover deleted data, targeting police investigations and forensics.
Cellbright’s solution is capable of opening devices, extracting information and recovering deleted files. One of the key differences for the NSO Group product is that officers must have physical access to the device while Pegasus can monitor the device remotely.
The NSO panel said the banned stories report illustrates unproven theories and is riddled with misconceptions. The company denies maintaining a list of potential targets.
The company claims that Pegasus is only sold to authorized government agencies and that it is only used to pursue terrorists and major criminals. In addition, the NSO Group claims that its customer data is inaccessible.
The list of agencies and countries that rely on the company’s solutions has not been released.