The next big malware threat is around the corner. Cybersecurity experts are always on the alert to spot and fight the latest piece of malicious software being developed and deployed.
In this sense, it takes a lot of effort to be fully aware of the vast ecosystem of malware that currently represents a threat to our privacy. One of these threats is Pegasus.
At My IT Guy, we are passionate about this work and also care about keeping our audience informed about existing digital threats. Our team wants clients to be safe, and that begins with getting to know the enemies that are lurking.
What is Pegasus and How Does It Work?
In cybersecurity, “Pegasus” is the name assigned to a specific type of spyware that allows attackers to have full access to victims’ smartphones running iOS software. For Android devices, an almost identical malware named Chrysaor has been spotted.
As spyware, Pegasus can read messages in different apps including email, track and transmit voice calls, collect passwords, access microphones and cameras, access and transmit browser history, access encrypted media, track location in real time, and much more.
Considering Pegasus’ capabilities, we can say that it’s one of the most powerful and successful pieces of spyware out there. In the case of iOS, Pegasus was the first successful remote jailbreak exploit to be known, something that made Apple rush to fix the vulnerability.
To infect the target’s device, Pegasus relies on social engineering, sending a phishing text message that includes a link. If the user clicks on the link, a door opens for the malware to infect the device.
And what about scanning your device in order to detect it? Not that easy. The Pegasus malware is quite skillful at hiding in our smartphones. However, according to a cybersecurity report from Kaspersky, this spyware self-deletes 60 days after its last transmission with the command server. It can also remove itself if the malware or its command server detects that it has infected the wrong device.
But where did this spyware come from? At this point, the story gets even more interesting.
Pegasus was discovered thanks to Ahmed Mansoor, a human rights activist from the United Arab Emirates who was a target of this cyberattack. After receiving suspicious text messages, he decided to share the information with Citizen Lab and Lookout. These cybersecurity firms proceeded to study the phishing link and the infection that came as a result.
Both cybersecurity firms called Pegasus “the most sophisticated malware currently in existence”, which is a lot to digest.
After studying the malware, experts concluded that it was developed by NSO Group, a well-known Israeli private contractor that develops and sells surveillance software to governments around the world. Oddly enough, the company claims that it provides authorized governments with technology that helps them combat terror and crime, a vague argument that tries to justify their work for shady agents.