Pegasus, the most sophisticated spy on your mobile
This is how the spy program of Israeli origin works, which allows to know in detail all the communications of a person with a click and which is now related to the murder of the Saudi journalist Khashoggi.
Pegasus, the spy program of the Israeli NSO Group, continues to travel around the planet, infecting technological devices. Once installed on the mobile phone, it is able to retransmit in detail all the communications of a person, whether they are encrypted in an app or not, whether it is an Android or Apple system that operates in the terminal. Now, the spyware, or spyware, is again in the spotlight having been linked to the investigation of the Khashoggi case, the Saudi journalist killed in the Turkish embassy in Turkey.
Discovered in 2016, Ahmed Mansoor, a human rights activist from the United Arab Emirates, turned out to be one of the first victims of one of these attacks, called by experts 'spear phising'. How was it activated? Mansoor received several messages about cases of human rights abuses and a message appeared in the text itself. "Do not trust the messages of suspicious senders", point out cyber security experts.
The activist followed the steps recommended by the experts and delivered the messages to security researchers from the Citizen Lab at the University of Toronto. Indeed, there was a 'malware' behind and researchers from Lookout dubbed it 'the most sophisticated attack they had ever seen'. Now, the last known victim appears to be Jamal Khashoggi, who was assassinated at the Saudi consulate in Istanbul on October 2 by agents from Saudi Arabia.
Module system
Victim? Victim of Pegasus, yes. It is a modular 'malware'. «After analyzing the victim's device, it installs the necessary modules to read the messages and emails of the user, listens to calls, makes screenshots, registers keys that are entered, accesses the browser's history, contacts», explain the Kaspersky experts Lab.
This week, Omar Abdulaziz has revealed about 400 whatsapps that he exchanged with Khashoggi. The young man, who now lives in Canada, received an SMS and punctured last June. "Guilt is killing me," Abdulaziz explained.
That innocent action allowed to install, according to complaint Abdulaziz, Pegasus and monitor all their conversations. Talks and exchanges of messages that include the 400 messages of WhatsApp in which they talked about the creation of a youth movement in social networks and the internet in order to destabilize and pass accounts to the Saudi monarchy.
Ready to catch everything
Pegasus is ready to capture everything in the mobile. Camera images, microphone sounds, incoming and outgoing calls and also encrypted Telegram and WhatsApp messages. «With regard to the capture of messages from messaging services, we must bear in mind that WhatsApp encrypts messages in point-to-point communications, not while they are in the sending device or once they have been received by the receiver», points out Josep Albors, head of awareness and research at ESET Spain.
Researchers at the University of Toronto discovered that their phone had been hacked with this spyware from the Israeli company. A process that involves "checking the running processes to be sure they are not infected," adds Albors.
According to the text of the lawsuit, the NSO group sold its technology to Saudi Arabia in 2017 for 55 million dollars. The Israeli company notes that the "demand does not show that the company's technology was used. Even more, it has details that are not based on reality. NSO is a technology company that is not involved in the use of our products once they are sold to our customers. "
NSO Group is eight years old and was founded with funds from veterans of the intelligence unit. Saudi Arabia is not your only client. The Government of Mexico is also one of its main recipients.
At the service of governments
An investigation by The New York Times uncovered the espionage campaign in the Central American country and President Enrique Peña Nieto acknowledged that his government had acquired this technology.
To spy on 10 iPhone users with Pegasus, the software maker charges about $ 650,000, in addition to the installation fee of $ 500,000. The malware will self-destruct if it is not able to communicate with its command and control server for more than 60 days or if it detects that it has been installed on the wrong device with the wrong SIM card.
However, "the best way to prevent this spyware from achieving its goal is to have the device updated with the latest version of the operating system and thus prevent it from using the exploits to get installed and take control of the device," says Albors .
No comments:
Post a Comment