Weekly Shot 8 — The Cyber Blackhole
If 2021 is the year of anything, it seems to be the year of cyber attacks and ransomware. It doesn’t get any better than this : A petroleum pipeline system hack, Microsoft hack, Kaseya hack, SolarWinds (and consequently part of the US Government system) hack, and now, The Pegasus Hack. In Chandler’s own words — “Could it, get any worse than this?”
So what’s Pegasus?
Pegasus is a cyber arms tool developed by the Israeli firm NSO Group for governments and other law bodies for counter terrorism and “public safety”. The capabilities this tool possesses is immense, to say the least. From what is known to the public about what it can do, it seems that it can infiltrate any Android and iPhone, even if it is fully patched, thanks to undisclosed 0-day hacks (these are exploits which are discovered but not disclosed to the right entity to fix it, either for the sake of selling the exploit or in this case, to use for themselves). NSO Group has been selling this technology since 2010, but why is it suddenly in the news now?
The Pegasus Project was led by Forbidden Stories, an organization of journalists that works on stories after the original reporters have been silenced in some way, aided by the Amnesty International’s Security Lab used a list of about 50,000 phone numbers tagged “of interest” by NSO Group’s various clients to link the numbers back to their owners and did a thorough forensic analysis on the devices. Several of these devices had traces of the spyware. All these belonged to various journalists and human rights activists including several others. These are supposed to be strictly off-limits according to the standard NSO supposedly holds its clients to. What’s even worse is according to the NSO, usage on a particular phone cannot be tracked back to the entity which did it (but somehow it says there is transparency?)
How can Pegasus get in? What can it take? Is there any way to stop it?
As mentioned before, this spyware functions on 0-day exploits. It has several methods it can get in and it also changes its infiltration methods quite frequently to avoid detection and get around latest updates. Some of the ways it is described to have gotten into these phones is through a malicious WhatsApp missed call. Don’t believe it? What’s even more shocking is the attackers could erase the evidence that the call ever came. This seems to have been fixed later by WhatsApp.
It also exploited a vulnerability in iMessage to send a malicious message. This message doesn’t even need to be opened for your iPhone to get hacked.
Once it enters your device, it obtains root access and can send all your personal information including messages, call recordings, contacts and passwords to the hacker. Scared? We all should be.
Is there anything we can do about this? Other than keeping apps and software up to date with the latest patch and hoping that you are not a target, there’s not much to do unfortunately.
We hope that this was an informative article and you gained some insight into the cyber world we live in. If you have any further questions, be sure to leave them in the comments.
As usual, if you are looking to support us directly and help us in continually publishing these articles, consider our Patreon and Buymeacoffee pages. Thanks and have a wonderful day :)