It’s also noteworthy that Pegasus could even listen to encrypted audio streams and read encrypted messages - thanks to its keylogging and audio recording capabilities, it was stealing messages before they were encrypted (and, for incoming messages, after decryption).Īnother interesting fact about Pegasus is that it tries to hide itself really diligently. Basically, it can spy on every aspect of the target’s life. After scanning the target’s device, it installs the necessary modules to read the user’s messages and mail, listen to calls, capture screenshots, log pressed keys, exfiltrate browser history, contacts, and so on and so forth. Another cybersecurity firm, Zerodium, once offered $1 million for an iOS zero-day, so you can imagine that it cost quite a bit of money to create Pegasus.Īn emergency #iOS update patches #0day used by government spyware /6U8nX0baXYĪs for surveillance, let’s be clear: We’re talking total surveillance. Pegasus relied on a whopping three zero-day (previously unknown) vulnerabilities in iOS that allowed it to silently jailbreak the device and install surveillance software. That means the malware is commercial - it’s sold to whoever is willing to pay for it. Pegasus has been attributed to the NSO Group, an Israeli company whose bread and butter is developing spyware.
The malware was dubbed Pegasus, and Lookout researchers called it the most sophisticated attack they’d ever seen on any endpoint. If he had clicked, his iPhone would have been infected with malware - malware for iOS. It was a spear-phishing attack: He received several SMS messages that contained what he thought were malicious links, so he sent those messages to security experts from Citizen Lab, and they brought another cybersecurity firm, Lookout, to the investigation. Pegasus was discovered thanks to Ahmed Mansoor, a UAE human rights activist, who happened to be one of its targets. Let’s shed some light on Pegasus and explain why we use the word “ultimate” to describe it. The Android version is different in some ways from its iOS predecessor.
That discovery made the whole cybersecurity world… uneasy.Īt our Security Analyst Summit, researchers from Lookout revealed that Pegasus exists not only for iOS, but for Android as well. There actually is malware in the wild that targets iOS users - it’s been proved a number of times, and in August 2016 researchers proved it again by revealing the existence of Pegasus, spyware capable of hacking any iPad or iPhone, harvesting data about the victim, and establishing surveillance on them. Apple does little to discourage the impression - the “fruit company” doesn’t even allow antivirus solutions in its App Store, because, you know, allegedly they’re not needed. Apple iPhone and iPad users usually believe they are safe.
0 kommentar(er)
