Privacy is a need, and it is a double-edged sword. In the hands of the right
people it lets them live in peace, because they have at least the peace of mind
that even the smallest part of their data is safe and no person or organization
can look into it in an unwanted manner. In the hands of the wrong people, and by
that I mean cyber-terrorists, terrorists and criminals, it can wreak havoc, and
things can go south very fast.
Almost every messaging application on this planet now has built-in encryption,
whether it is WhatsApp, Telegram, Signal, iMessage or even Google Messages (RCS
chats). All of them have well-founded encryption systems that protect normal,
casual people so that their chats, pictures or any other media cannot be read or
used by a third party, but using the same software, criminals, terrorists and
cyber-terrorists can operate without appearing on the radar of law enforcement
or intelligence agencies.
This whole issue gave rise to a new form of warfare, and to corporations that
sell software or hardware meant to stop the misuse of privacy. That new form of
warfare is cyber warfare, and its tool is spyware, or spy software. There are
corporations that legally sell such software or hardware to monitor people for
ostensibly noble reasons, like investigating criminals and terrorists, but we
all know the world isn't black and white: the same software or hardware can
just as well be used for far more nefarious purposes, like state surveillance.
So today we will take a deep dive into the Pegasus spyware, or malware,
whichever you prefer to call it. This problem did not start recently: public
reporting on Pegasus goes back years, to at least 2016, and the 2021 revelations
are only the latest chapter. We will look at the different parties involved
with the Pegasus spyware.
There are mainly two parties to this situation: NSO Group on one side, and
Amnesty International and its Security Lab on the other. The countries named in
the 2021 reporting as suspected NSO customers were Azerbaijan, Bahrain, Hungary,
India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the UAE. NSO Group
is a company that sells its spyware to government agencies, officially so that
law enforcement and intelligence services can investigate terrorism and crime.
Amnesty International's Security Lab is the group that did the forensic
investigation: a leaked list of about 50,000 phone numbers of potential targets,
including many journalists, was examined, and the Security Lab confirmed
infections or attempted infections on a number of those phones, among them the
phone of the wife of Jamal Khashoggi, the journalist who was killed in the
Saudi consulate in Istanbul.
So, starting with what spyware is: software that enables one party to obtain
covert information about another person's computer activity by transmitting
data covertly from their device. Please do not confuse spyware with hidden
cameras and the like; those are a whole other shenanigan and do not pertain to
this topic. Pegasus is spyware that, once installed, can route data off the
phone very easily, because it does not depend on the permissions a normal app
is granted: it escalates its own privileges on the phone and can then read very
sensitive data such as SMS and call logs, contacts, messages from chat apps and
location, monitor browsing activity, and turn on the microphone and camera.
So how can one end up with such malware on their own device without knowing
it? That is the whole point: such malware can be installed in such a sneaky
manner that you won't even realize it. Pegasus itself targets both Android and
iOS phones, and desktop systems such as Windows have spyware of their own, so
no platform is safe from this class of malware.
So, what is malware? Computer software, such as a virus, that the user does
not know about or want and that is designed to damage or subvert how a computer
or computer network works. How can it get access to such sensitive information
so easily? By escalating its privileges: it gains root access to the device,
and on a phone that usually means exploiting the kernel (the core of the
operating system), because the kernel is what enforces the boundary between
apps.
Now, what is root or kernel access? Anyone who uses a laptop or desktop
regularly knows that it doesn't have one single kind of user but basically two:
the main user, the end-of-the-line user or customer, and the admin. Here the
admin is the root user (root on Linux, macOS and Android, Administrator on
Windows): a root user has access not only to the normal data the common user
sees but also to every other user's data, the system files and the hardware.
The kernel sits one level above even that, since it is the code that decides
what root is allowed to do.
Now the question arises: why don't the big companies make the end user the root
user? Because it is a very risky proposition. Root bypasses the sandbox and
permission model that keeps apps apart, so even one tiny mistake, by the user
or by an app running as root, can render your device useless. Root can also
reach the low-level debugging and service interfaces that vendors legitimately
use to diagnose bugs, and if mishandled those give attackers a way into your
device. Obviously that doesn't stop many people from rooting their phones or
running as administrator on their desktops. What this malware does is
forcefully gain such access, by different means:
- Spear phishing emails or texts carrying a link
- Hostile networks (network injection)
- Physically getting hold of your device
Taking spear phishing emails or texts first: this is an old but tried and
tested method, earlier used by fraudsters to defraud people of their money and
now used to gain sensitive information, because in today's world information is
the biggest money earner. The attacker sets up a website whose pages carry an
exploit chain for the phone's browser; they send you an email or message asking
you to click a link, and as soon as you open it the exploit runs, escalates to
root and installs the implant, which can then read SMS, call logs, contacts, app
data, browsing history and so on. Nothing about the page looks unusual to the
victim. The Amnesty report referenced below also documents zero-click delivery,
where the exploit arrives through iMessage and no click is needed at all.
The second method works when you join an open public Wi-Fi network; such
networks are almost everywhere, from high-end diners to ordinary cafes. What
usually happens is that you connect and a login page asks you for an email
address or mobile number, and once you provide it you are allowed to use the
network. But what if the attacker runs a hotspot of his own, or spoofs a
similar-looking login page? The login page can harvest whatever credentials you
type, and, more importantly, the attacker now sits on the path of all your
traffic: a plain HTTP request your phone makes can be silently redirected to a
page that serves the exploit (Amnesty calls this network injection), after
which root access is gained and all of your data can be skimmed, saved and
transmitted at the attacker's will. An HTTPS connection cannot be redirected
this way without a certificate warning, which is why the injection targets
plaintext requests.
The last method is the good old one of physically getting hold of your device
and installing the malicious code directly, which gets root access, but in this
day and age that is rare.
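The traces the first two methods leave on a phone are visited URLs and DNS lookups of attacker infrastructure, and that is what Amnesty's forensic methodology matches against its published indicator list. As an added example (not code from the original post, from NSO Group or from Amnesty's tooling), here is a small indicator scan over a constructed browsing history and a constructed DNS log. The indicator domains, the records and the log format are all placeholders I made up for the example; real indicators are published separately and plug into the same matching rule.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set
from urllib.parse import urlsplit

# Constructed placeholder indicators (NOT real Pegasus infrastructure).
# The matching rule below (exact host, or any subdomain of an indicator)
# is how a domain indicator list is meant to be applied.
IOC_DOMAINS: Set[str] = {"phish-lure.example", "exploit-server.example"}

# Constructed browsing-history records in the shape of a Safari history
# export: the visited URL and, if the browser got there through an HTTP
# redirect, the URL that issued the redirect.
HISTORY: List[Dict[str, Optional[str]]] = [
    {"ts": "2021-07-18 09:12:01", "url": "https://news.example.org/article/123",
     "redirect_source": None},
    {"ts": "2021-07-18 09:14:33", "url": "https://cdn.phish-lure.example/x/a7f3",
     "redirect_source": None},                       # the spear-phishing link
    {"ts": "2021-07-18 10:02:10", "url": "http://weather.example.net/today",
     "redirect_source": None},                       # plaintext request
    {"ts": "2021-07-18 10:02:11", "url": "https://a1.exploit-server.example/p/",
     "redirect_source": "http://weather.example.net/today"},  # injected redirect
]

# Constructed DNS resolver log, one query per line: "<timestamp> query <qtype> <qname>".
DNS_LOG = """\
2021-07-18T09:12:00Z query A news.example.org
2021-07-18T10:02:11Z query A a1.exploit-server.example
2021-07-18T10:02:12Z query AAAA notexploit-server.example
"""


@dataclass
class Finding:
    source: str      # "history" or "dns"
    ts: str
    host: str
    indicator: str   # the indicator domain that matched
    note: str


def host_matches(host: str, iocs: Iterable[str]) -> Optional[str]:
    """Return the indicator that `host` equals or is a subdomain of, else None.

    Plain suffix matching would be wrong: "notexploit-server.example" must not
    match "exploit-server.example", so the dot boundary is required.
    """
    host = host.lower().rstrip(".")
    for ioc in iocs:
        ioc = ioc.lower()
        if host == ioc or host.endswith("." + ioc):
            return ioc
    return None


def scan_history(records: List[Dict[str, Optional[str]]], iocs: Iterable[str]) -> List[Finding]:
    findings: List[Finding] = []
    for rec in records:
        host = urlsplit(rec["url"] or "").hostname or ""
        ioc = host_matches(host, iocs)
        if ioc is None:
            continue
        note = "visited indicator domain"
        src = rec.get("redirect_source")
        if src:
            parts = urlsplit(src)
            # A redirect out of a plaintext HTTP page on an unrelated site is the
            # pattern an on-path attacker leaves when injecting a redirect.
            if parts.scheme == "http" and host_matches(parts.hostname or "", iocs) is None:
                note = "reached via redirect from plaintext HTTP page %s (possible network injection)" % src
        findings.append(Finding("history", rec["ts"] or "", host, ioc, note))
    return findings


def scan_dns_log(log: str, iocs: Iterable[str]) -> List[Finding]:
    findings: List[Finding] = []
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[1] != "query":
            continue  # malformed line: skip it rather than abort the whole scan
        ts, _, _qtype, qname = fields
        ioc = host_matches(qname, iocs)
        if ioc is not None:
            findings.append(Finding("dns", ts, qname, ioc, "DNS lookup of indicator domain"))
    return findings


if __name__ == "__main__":
    for f in scan_history(HISTORY, IOC_DOMAINS) + scan_dns_log(DNS_LOG, IOC_DOMAINS):
        print("[%s] %s %s -> %s: %s" % (f.source, f.ts, f.host, f.indicator, f.note))
```

The scan reports the lure domain from the phishing link, the exploit domain reached by an injected redirect out of a plaintext page, and the matching DNS query, while the look-alike "notexploit-server.example" is correctly ignored. Matching is only as good as the indicator list: a new delivery domain leaves the same kind of trace but no match, which is why Amnesty's method also looks at process names and other artifacts rather than domains alone.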
This is the modus operandi of the Pegasus spyware. I won't be entering into the
politics it has started in our nation, but if you wish to learn more you can
check NSO Group's site and Amnesty International's in-depth research.
References:
- https://www.nsogroup.com
- https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/
Please Drop Your Comments