The Pegasus malware, created by the company NSO Group, is in the middle of a world scandal. This software allows you to access all the data on your phone once it has been installed through a malicious link sent by SMS. The program is sold only to governments and its main purpose is to monitor criminal and terrorist organizations.
How does the Pegasus malware is activated?
- The first step is that you will receive a message with a link. Sending can be done from servers outside the country, so the origin of the message is practically undetectable.
- When you click the link, it installs the spyware on the phone. Sometimes the message can include information or data close to the target, a form of persuasion known as “social engineering.”
- Once the link is clicked, the browser redirects the target to one of the NSO Group’s internet sites, and Pegasus is immediately installed on the mobile phone in a completely transparent way for the user, the user will never realize what happened.
- Once the software is installed, the one who sent the message has access to the files on the device, such as videos, photos, messages, emails, and a contact list. It also allows the device’s microphone and camera to be activated at any time, without the victim knowing. The attacker monitors practically the entire daily life of the affected person, the conversations he has, and the information he shares.
- Pegasus malware can be customized to track only some items periodically and send the information automatically from time to time; all information travels with strong encryption that makes it impossible to detect the spy and capture the information while traveling.
Is the OS weakness still open?
Between 2015 and 2016 when Pegasus operated widely, devices under the iOS operating system had 3 weaknesses that allowed to take control of the device.
Today these weaknesses have already been corrected in the new versions of the operating system, however, the affected devices could still be.
3.- Data that Pegasus malware can access to carry out telephone espionage
- All cell phone files: Videos, Photographs, pdf documents, emails, etc.
- All contact list
- SMS messages, iMessages
- Activate the cell phone’s camera and microphone remotely with a single click.
- Receive live video from apps like FaceTime and Skype
- Phone calls
4.- How to know if you have Pegasus installed and how to remove it
There are several ways that you can do it yourself:
- Check to be up to date with the latest version of the IOS operating system
- Make a backup only of your data and bring the iPhone to its original factory state by reinstalling the apps you use by hand.
- Install the free Lookout app that alerts you to hacker attacks and gives you practical advice on how to protect your personal information. Hack Alert is a Premium feature and is currently only available in English.
- Check in the Lookout Security> App Monitor app that the APP monitoring shows the result of “No malicious apps”. If it appears that you have malicious apps, you may be a victim of telephone spying.
5.- Additional actions that must be taken into account to avoid being a victim of espionage
The most recommended is:
- Request that they carry out an “electronic sweep” of your offices and home to check that you do not have any spy device installed or have your other telephone lines tapped.
- Perform an electronic sweep review of your car (s).
- Purchase phone call encryption software