Pegasus Spyware: What is it and How Does it Hack Phones?

An investigation by The Guardian newspaper, in collaboration with sixteen other media outlets, has revealed the use of a powerful electronic surveillance tool that has been used to spy on prominent figures around the world.

David Pegg & Sam Cutler


Pegasus is the name for perhaps the most powerful piece of spyware ever developed — certainly by a private company. Once it has wormed its way on to your phone, without you noticing, it can turn it into a 24-hour surveillance device. It can copy messages you send or receive, harvest your photos and record your calls. It might secretly film you through your phone’s camera, or activate the microphone to record your conversations. It can potentially pinpoint where you are, where you’ve been, and who you’ve met.

Pegasus is the hacking software — or spyware — that is developed, marketed and licensed to governments around the world by the Israeli company NSO Group. It has the capability to infect billions of phones running either iOS or Android operating systems.


The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing — text messages or emails that trick a target into clicking on a malicious link. Since then, however, NSO’s attack capabilities have become more advanced. Pegasus infections can be achieved through so-called “zero-click” attacks, which do not require any interaction from the phone’s owner in order to succeed. These will often exploit “zero-day” vulnerabilities, which are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.

In 2019 WhatsApp revealed that NSO’s software had been used to send malware to more than 1,400 phones by exploiting a zero-day vulnerability. Simply by placing a WhatsApp call to a target device, malicious Pegasus code could be installed on the phone, even if the target never answered the call. More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks.

For companies such as NSO, exploiting software that is either installed on devices by default, such as iMessage, or is very widely used, such as WhatsApp, is especially attractive, because it dramatically increases the number of mobile phones Pegasus can successfully attack.

Forensic analysis of the phones of victims has also identified evidence suggesting NSO’s constant search for weaknesses may have expanded to other commonplace apps. In some of the cases, peculiar network traffic relating to Apple’s Photos and Music apps can be seen at the times of the infections, suggesting NSO may have begun leveraging new vulnerabilities.

Where neither spear-phishing nor zero-click attacks succeed, Pegasus can also be installed over a wireless transceiver located near a target, or, according to an NSO brochure, simply manually installed if an agent can steal the target’s phone.

Once installed on a phone, Pegasus can harvest more or less any information or extract any file. SMS messages, address books, call history, calendars, emails and internet browsing histories can all be exfiltrated. When an iPhone is compromised, it’s done in such a way that allows the attacker to obtain so-called root privileges, or administrative privileges, on the device. Pegasus can do more than what the owner of the device can do.


NSO has invested substantial effort in making its software difficult to detect and Pegasus infections are now very hard to identify. Security researchers suspect more recent versions of Pegasus only ever inhabit the phone’s temporary memory, rather than its hard drive, meaning that once the phone is powered down virtually all trace of the software vanishes.

One of the most significant challenges that Pegasus presents to journalists and human rights defenders is the fact that the software exploits undiscovered vulnerabilities, meaning even the most security-conscious mobile phone user cannot prevent an attack.

Published in The Guardian on July 18, 2021. Reprinted with permission.
