Pegasus: Google reveals how the sophisticated spyware hacked into iPhones without user’s knowledge

  • Pegasus spyware was allegedly used by governments to spy upon prominent journalists, politicians and activists.
  • A Google blog has revealed how the sophisticated software was used to attack iPhone users.
  • The software used a vulnerability in iMessages to hack into iPhones without the user’s knowledge.
The Pegasus spyware, developed by Israel’s NSO Group, made headlines for being used by governments and regimes across the world, including India, to spy on journalists, activists, opposition leaders, ministers, lawyers and others. The spyware is accused of hacking into the phones of at least 180 journalists around the world, of which 40 are notable Indian personalities.

Now, a Google blog from the Project Zero team has called the attacks technically sophisticated exploits and assessed the software to have capabilities rivalling spyware previously thought to be accessible to only a handful of nations.

The company has also faced multiple lawsuits including one in India where the Supreme Court (SC) set up a three-member panel headed by former SC judge RV Raveendran to probe whether the software was used by the government to spy on journalists and other dissidents.

Apart from the case in India, Apple has also sued the Israeli firm after having patched the security flaw that was exploited. The company was also banned in the United States after the details of the spyware were revealed. Let’s take a look at how this advanced snooping technology discreetly worked on iPhones.

How Pegasus hacked iPhones


According to the Project Zero blog, a sample of the ForcedEntry exploit was worked upon by the team and Apple’s Security Engineering and Architecture (SEAR) group. Pegasus attacks on iPhones were possible due to the ForcedEntry exploit.


Here, the NSO hackers took advantage of how iMessage handled GIFs to insert a PDF file into an iPhone in the disguise of a GIF. The software then exploited a vulnerability in the compression tool that is used to process text in images.

ForcedEntry built a virtual computer in the iPhone to communicate with the command-and-control centre that would send instructions. The presence of a virtual computer made it harder to detect the attacks.

Pegasus could do it all without needing input from the user. They just needed the phone number or Apple ID to send the malicious file and then hack into the iPhone. As soon as the message was received by the iPhone, the hack became active without the user knowing of its presence on their device.
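
A defensive check for the disguise described above, where a PDF arrives labelled as a GIF: compare the type a file name claims with what the file's leading bytes say. This is an added example, not code from Project Zero, Apple or NSO; the function names, the 1024-byte scan window and the sample bytes are assumptions constructed for illustration.

```python
import os

GIF_MAGICS = (b"GIF87a", b"GIF89a")   # the two standard GIF signatures
PDF_MAGIC = b"%PDF-"
# Assumption: lenient PDF parsers accept the header anywhere in the first
# 1024 bytes, so search that window instead of only offset 0.
PDF_SCAN_WINDOW = 1024


def sniff_type(data: bytes) -> str:
    """Classify content by its bytes, ignoring any file name."""
    if data[:6] in GIF_MAGICS:
        return "gif"
    if PDF_MAGIC in data[:PDF_SCAN_WINDOW]:
        return "pdf"
    return "unknown"


def check_attachment(filename: str, data: bytes) -> dict:
    """Compare the type claimed by the extension with the sniffed type."""
    claimed = os.path.splitext(filename)[1].lower().lstrip(".")
    actual = sniff_type(data)
    return {
        "filename": filename,
        "claimed": claimed,
        "actual": actual,
        "mismatch": claimed != actual,
    }


# Constructed sample inputs (not taken from any real exploit sample).
REAL_GIF = b"GIF89a\x01\x00\x01\x00\x00\x00\x00;"
PDF_NAMED_GIF = b"%PDF-1.4\n1 0 obj\n<< >>\nendobj\n%%EOF\n"
PADDED_PDF = b"\x00" * 100 + PDF_NAMED_GIF

if __name__ == "__main__":
    for name, blob in [("cat.gif", REAL_GIF),
                       ("funny.gif", PDF_NAMED_GIF),
                       ("padded.gif", PADDED_PDF)]:
        r = check_attachment(name, blob)
        flag = "SUSPICIOUS" if r["mismatch"] else "ok"
        print(f'{r["filename"]}: claimed={r["claimed"]} '
              f'actual={r["actual"]} {flag}')
```

A mismatch only shows that the label and the content disagree; it is a triage signal for further inspection, not proof of an exploit.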

Although Apple has patched the vulnerability and informed its users who were spied upon using the Pegasus software, there would still be companies developing spyware to hack into iOS and Android devices. With most of our devices being vulnerable, here’s how you can protect your data.
