Pegasus is a spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to iOS 14.6. As of 2016, Pegasus was capable of reading text messagestracking callscollecting passwordslocation tracking, accessing the target device's microphone and camera, and harvesting information from apps. The spyware is named after the mythical winged horse Pegasus—it is a Trojan horse that can be sent "flying through the air" to infect phones.

NSO Group was previously owned by American private equity firm Francisco Partners, but it was bought back by its founders in 2019. The company states that it provides "authorized governments with technology that helps them combat terror and crime." NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.

Pegasus was discovered in August 2016 after a failed installation attempt on the iPhone of a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. News of the spyware caused significant media coverage. It was called the "most sophisticated" smartphone attack ever, and marked the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.

On August 23, 2020, according to intelligence obtained by the Israeli newspaper Haaretz, NSO Group sold Pegasus spyware software for hundreds of millions of US dollars to the United Arab Emirates and the other Gulf States, for surveillance of anti-regime activists, journalists, and political leaders from rival nations, with encouragement and mediation by the Israeli government. Later, in December 2020, the Al Jazeera investigative show The Tip of the IcebergSpy partners, exclusively covered Pegasus and its penetration into the phones of media professionals and activists; and its use by Israel to eavesdrop on both opponents and allies.

In July 2021, widespread media coverage part of the Project Pegasus revelations along with an in-depth analysis by human rights group Amnesty International uncovered that Pegasus was still being widely used against high-profile targets. It showed that Pegasus was able to infect all modern iOS versions up to the latest release, iOS 14.6, through a zero-click iMessage exploit.

How Old is Pegasus?

Pegasus' iOS exploitation was identified in August 2016. Arab human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Mansoor sent the link to Citizen Lab, who investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering. Citizen Lab linked the attack to the NSO Group.

Regarding how widespread the issue was, Lookout explained in a blog post: "We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code" and pointed out that the code shows signs of a "kernel mapping table that has valued all the way back to iOS 7" (released 2013).The New York Times and The Times of Israel both reported that it appeared that the United Arab Emirates was using this spyware as early as 2013. It was used in Panama by former president Ricardo Martinelli from 2012 to 2014, who established the Consejo Nacional de Seguridad (National Security Council) for its use. Several lawsuits outstanding in 2018 claimed that NSO Group helped clients operate the software and therefore participated in numerous violations of human rights initiated by its clients. Two months after the murder and dismemberment of Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed suit in Israel against NSO Group, accusing the firm of providing the Saudi government with the surveillance software to spy on him and his friends, including Khashoggi.

Victims of Pegasus.

Pegasus spyware were built on on the motive for targeting higher authority people's, Business people's, Government Insiders, Social Activists.

How is Pegasus different from other spyware?

Pegasus aka Q Suite, marketed by the NSO Group aka Q Cyber Technologies as “a world-leading cyber intelligence solution that enables law enforcement and intelligence agencies to remotely and covertly extract” data “from virtually any mobile devices”, was developed by veterans of Israeli intelligence agencies.

Until early 2018, NSO Group clients primarily relied on SMS and WhatsApp messages to trick targets into opening a malicious link, which would lead to infection of their mobile devices. A Pegasus brochure described this as Enhanced Social Engineering Message (ESEM). When a malicious link packaged as ESEM is clicked, the phone is directed to a server that checks the operating system and delivers the suitable remote exploit.

In its October 2019 report, Amnesty International first documented use of ‘network injections’ which enabled attackers to install the spyware “without requiring any interaction by the target”. Pegasus can achieve such zero-click installations in various ways. One over-the-air (OTA) option is to send a push message covertly that makes the target device load the spyware, with the target unaware of the installation over which she anyway has no control.

This, a Pegasus brochure brags, is “NSO uniqueness, which significantly differentiates the Pegasus solution” from any other spyware available in the market

Mode of Attack

Pegasus spyware was the most silent background stalker. It won't express out any kind of evidence to the user that the user is inflected.

It initiates the process with clickbait. The Attacker send a notorious link to the Victim.

As soon as the victim clicks the link it download's and install a spyware onto the Mobile/Device.

The victim has been Infected!.

The Pegasus project is the most expensive and notorious project which lead by the isareli group. The spyware wasn't controlled by any attacker. As soon as the Victim is Infected it creates a Backdoor with the Remote server with a silent data transmission.

As the victim is already Infected , the Attacker can logon with the remote and spy on the chat messages, transactions, calendar, mail, contacts, Camera, Microphone it includes all the private details.

credits: The above pic is used from "The Guardian"

So, That's all by my side. There is much more interesting article were stuffed up with the site. Click on the bellow tags to find much more related If you find the article Intresting share the article with other friends.