The most advanced cellphone hacking tool is a nightmare for anyone who is a person of interest. Here is everything we know about the Pegasus spyware.

Project Pegasus: the looming danger, and how the phone hack/tapping works

Posted by

Pegasus is a spyware developed and sold by Israeli NSO Group. The company says that it sells the spyware only to governments who use it for surveillance of “serious crimes and terrorism”. However, there have been reports of the software being used in hacking and monitoring individuals that do not fall within this classification.

Pegasus has been reported as used to monitor heads of states and other officials of government, including those of countries like France, Algeria, Belgium. Egypt, South Africa, and Uganda, among others.

trojan horse image representative of Pegasus spyware

How Pegasus spyware works

Pegasus is the most cutting edge cellphone hacking/monitoring spyware, because it can be installed on a phone without the user clicking on anything. Most spyware require user action for installation to happen. Usually, a link is sent to the target via email or other medium, and when this link is clicked on, it triggers an installation. Not Pegasus.

NSO’s Pegasus is called a “zero-click” trojan virus and works on both Android smartphones and iPhones. Once installed on a device, this bad boy spyware provides the attacker with full access to the infected cellphone. No information on the infected device is safe – SMS, call records, social media accounts, location, WhatsApp messages and calls, Telegram, Signal, bank records, the whole works. All of these data can be accessed via Pegasus, and without the user having a clue that they are being monitored.

Simply put, this is the spyware that other spyware aspire to be.

Is there any way to prevent Pegasus from being installed on your smartphone?

As at this time, there is no known protection or shield against Pegasus. If an attacker has the software and are interested in you, they will hack your phone. The fairly good news is that most people do not have to worry about being hacked with this spyware. Why? It is very expensive, and usually, only governments have the kind of money to spend on surveillance software of this nature. And governments are not after the average person.

Yet, it is a present danger once your government has its hands on Pegasus. Knowing that they have the capacity to do it is scary. And there is no guarantee that it won’t be used by individuals for personal vendettas and interests. Already, we know that it has been used against journalists, political opponents, and human rights activists in several countries. As things go, there is always more that does not get reported in the news.

Can you find out if your cellphone has been hacked by Pegasus?

Yes; you can find out if Pegasus spyware has been installed on your phone, but only if you use an iPhone. Amnesty International has developed a tool that you can use to detect the activities of this spyware on your iPhone. The tool is not available for Android devices, unfortunately.  

How to check if you have the Pegasus spyware installed on your iPhone

Checking your iPhone for Pegasus spyware isn’t as simple as installing and running an app. The procedure is more technical than most people will like. It requires a fair grasp of command line usage. So, you do need to be fairly technically-minded to use it. If interested, here is what to do:

  1. Carry out an encrypted backup of your iPhone via iTunes or from Finder in more recent MacOS versions.
  2. Follow Amnesty’s Mobile Verification Toolkit (MVT) installation instructions.
  3. Run MVT on the encrypted backup moved to these locations:

    Windows: in %USERPROFILE%\Apple\MobileSync\ or %USERPROFILE%\AppData\Roaming\Apple Computer\MobileSync\
    Mac OS: ~/Library/Application Support/MobileSync/

Not for the faint-hearted; right? Hopefully, someone will come up with a less technical way to check for the spyware on your cellphone, and include Android too.

How to remove Pegasus from an infected phone

That is the thing: even if you find traces of Pegasus activity on your smartphone, there is no known way to uninstall or delete the spyware app. Does a factory reset remove Pegasus from an infected phone? Sorry, but it is a futile effort. The spyware is reported as being able to carry out chip-level activity, so it stays on your phone even after a factory reset.

The only known protection against Pegasus is that you stay offline. Do not use an Internet-connected device. Stick with an old school dumb phone for your telephone needs. If your Android device, iPhone, or iPad has been infected with this spyware, your best bet is to destroy it and get another phone. Yes; preferably a dumb phone.

You are reading Mobility Arena.

Leave a Reply

Your email address will not be published. Required fields are marked *