Personalities such as journalists, activists and politicians have been targeted over the phone malware sold to governments by an Israeli software company.
Several reports claimed that the Pegasus spyware was sold by NSO Group to authoritarian governments around the world in order to monitor opposition groups and dissidents.
A list of around 50,000 phone numbers of those affected was leaked to the Paris-based NGO Forbidden Stories and the human rights group Amnesty International before being released around the world, although the exact identity of the author of the information is still unclear.
Accusations
NSO denies any wrongdoing, telling the BBC the report was “full of flawed assumptions and unsubstantiated theories”.
The company says its software is sold only to armed forces, law enforcement and intelligence agencies in countries with good human rights records to help fight criminals and terrorists.
The 50,000-number list is said to contain over 1,000 people from over 50 countries, although 10 countries (Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and United Arab Emirates) have made up the essential of the list. incoming.
The personalities involved included around 180 journalists, from outlets such as CNN, the New York Times and Al Jazeera, several members of the Arab royal family, politicians, business leaders and political activists – including several close contacts (such as l wife and fiancee) of the murdered Saudi Arabian. journalist Jamal Khashoggi.
This isn’t the first time NSO or Pegasus have made headlines for allegedly malicious activity.
In 2019, the company was sued by WhatsApp over allegations that 1,400 of its users in 20 countries were targeted by Pegasus. Although NSO has denied any wrongdoing, the company has been barred from using WhatsApp.
The latest allegations include allegations that Pegasus infects Android devices and iPhones, giving operators (governments, in this case) access to messages, photos and emails. It can also record calls and surreptitiously activate microphones.
Spyware would need little activity to settle on a victim’s phone – which can in fact be done through a simple WhatsApp call.
Using this, the data packets are changed in the voice call sent to the target / victim causing an internal buffer overflow in the WhatsApp application which in turn will overwrite parts of the memory leading to bypassing of application security, allowing more control over the entire device and the data it contains.
Researchers say “authoritarian governments” have been known to create fake WhatsApp accounts to make video calls to their targets, transmit malicious code, and automatically install spyware even if the targets do not answer the call.
Experts say the only way to completely free your mobile from spyware like Pegasus is to throw the phone away – because even a “factory reset” may not be enough to secure your phone.
TechRadar Pro contacted NSO Group for comment.
Going through The Guardian