Who is the NSO Group?
The NSO Group is an Israeli cyber intelligence firm that, according to its website, “creates technology that helps government agencies prevent and investigate terrorism and crime.” NSO Group recently suffered a major data leak that has shed light on one of the company's products. News reports say that NSO Group offers a cybersurveillance tool called Pegasus, which has been found to be used by more than just government agencies and against more than just criminals and terrorists.
What is Pegasus?
Pegasus, which has been called “the most sophisticated smartphone attack ever,” is a malicious program that can easily infect any iPhone, Android, or BlackBerry device. Once the phone is infected, there is no way to remove the software, even with a hard factory reset. Pegasus allows an attacker to listen to phone calls and intercept incoming and outgoing text messages, but it doesn’t stop there. The software allows full access to the contents of the device: passwords, photos, emails, and contacts, along with the ability to remotely turn on the microphone and even to view messages sent and received using encrypted applications like Signal and WhatsApp. This document from NSO Group is a manual for the software, detailing its capabilities and how it works.
How is Pegasus deployed on a device?
Pegasus can be deployed via SMS, WhatsApp, iMessage, zero-day vulnerabilities, and social engineering. The scariest way that Pegasus can be loaded on a device requires zero interaction from the end user: an over-the-air (OTA) push message is sent to the device, which installs an agent on it. The target is unaware of the agent being installed and cannot prevent it from happening, as the device gives no indication that malicious activity is occurring.
What does it cost to get your hands on Pegasus?
The NSO Group charges $500,000 to set up Pegasus for a customer, then an additional $650,000 to hack 10 iPhone or Android devices or $500,000 for 5 BlackBerry devices. NSO Group also charged a 17% maintenance fee based on what a customer has spent with them over the course of a year. Forbidden Stories reports the contract with Saudi Arabia was worth $55 million.
What targets has Pegasus been used against?
Media outlets have released a list containing over 50,000 phone numbers in over 50 countries, with a majority from countries with oppressive governments that have been known to spy on their citizens. The people who have been identified as targets of Pegasus include current heads of state from South Africa, France, Pakistan, Egypt, and Iraq, as well as business executives, human rights activists, journalists, and additional politicians or government officials.
Has your phone been infected?
A publication from The Verge gives a detailed guide to checking whether Pegasus has found its way onto your device using the Mobile Verification Toolkit.