Decoding Pegasus


Sankar Nath

Pegasus is one of the most recognized creatures in Greek mythology. The Pegasus we are going to decode, however, is spyware developed by the Israeli cyber-arms firm NSO Group. NSO Group is an Israel-based technology firm founded in 2010 by Niv Carmi, Shalev Hulio and Omri Lavie. It is a subsidiary of the Q Cyber Technologies group of companies, whose headquarters is in Herzliya, near Tel Aviv, the capital of Israel. NSO Group operates around the world through subsidiaries such as OSY Technologies and Westbridge.

The American private equity firm Francisco Partners previously owned NSO Group, but the founders bought it back in 2019. According to NSO, it provides “authorized governments with technology that helps them combat terror and crime.”

What is Pegasus:

Pegasus, or Q Suite, is spyware marketed by NSO Group as an advanced cyber-intelligence solution that lets law enforcement agencies extract data from any mobile device. Until 2016, Pegasus was capable of text message tracking, location and call tracking, and password collection, but the Project Pegasus revelations of 2021 suggest that the software can exploit all recent iOS versions up to iOS 14.6.

A Pegasus brochure described the infection method as an “Enhanced Social Engineering Message (ESEM)”. When someone clicks on the malicious link packaged as an ESEM, the phone gets compromised, and subsequently the server checks the operating system of the phone and deploys a suitable remote exploit to it.

The Pegasus spyware is classified as a weapon by Israel, and any export of the technology must be approved by the government.

Who is Vulnerable:

As per available reports, all devices, specifically iPhones, have been widely targeted by Pegasus. It targets iPhones via the iMessage app and the push notification service. In 2017, details of an Android version of Pegasus were released by Lookout, a cyber-security firm, and Google. It is also alleged that a video calling feature of WhatsApp was exploited by Pegasus in 2019.

In 2016, the iOS exploitation by Pegasus was identified when Arab human rights activist Ahmed Mansoor received a text message promising him secrets about torture happening in prisons in the United Arab Emirates if he followed a link. Mansoor sent this link to Citizen Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. Citizen Lab, along with Lookout, investigated it and found a link to NSO Group.

Why it is news in India:

According to a report published by a consortium of media outlets detailing people who could have been hacked using Pegasus globally, more than three hundred Indian phone numbers have been found on the list. The names of heavyweight politicians, government officials and journalists of India appeared in the list. Among them, Congress leader Rahul Gandhi and IT Minister Ashwini Vaishnaw were potential targets of the spyware. The targets of the spyware also include Union Minister Prahlad Patel, virologist Gagandeep Kang, Abhishek Banerjee and Ashok Lavasa, a former Election Commissioner, among others. Interestingly, the names of the ‘chief advisor’ of AASU, Shri Samujjal Bhattacharya, and ex-ULFA leader Shri Anup Chetia have also appeared on the list.

What to do to protect yourself:

  • Don’t click on links from untrusted sources, be it messages or emails. Be careful while clicking on any link.
  • Regularly update your device.
  • Check the device manufacturer’s website for updates. Don’t rely on notifications.
  • Enable security measures such as PIN, fingerprint and face lock.
  • Avoid using public Wi-Fi.

Sankar Nath, Research Scholar, Assam Don Bosco University