Pegasus (spyware)

The war between wetware and hardware.
Anaxagoras
Posts: 30171
Joined: Wed Mar 19, 2008 5:45 am
Location: Yokohama/Tokyo, Japan

Pegasus (spyware)

Post by Anaxagoras »

https://en.wikipedia.org/wiki/Pegasus_(spyware)
Pegasus is spyware developed by the Israeli cyber-arms company NSO Group that can be covertly installed on mobile phones (and other devices) running most[1] versions of iOS and Android.[2] Pegasus is able to exploit iOS versions up to 14.6, through a zero-click exploit.[1] As of 2022, Pegasus was capable of reading text messages, tracking calls, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps.[3][4] The spyware is named after Pegasus, the winged horse of Greek mythology. It is a Trojan horse computer virus that can be sent "flying through the air" to infect cell phones.[5]

Pegasus was discovered in August 2016 after a failed installation attempt on the iPhone of a human rights activist led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. News of the spyware caused significant media coverage. It was called the "most sophisticated" smartphone attack ever, and was the first time that a malicious remote exploit used jailbreaking to gain unrestricted access to an iPhone.[6]

The spyware has been used for surveillance of anti-regime activists, journalists, and political leaders from several nations around the world.[7] In July 2021, the investigation initiative Pegasus Project, along with an in-depth analysis by human rights group Amnesty International, reported that Pegasus was still being widely used against high-profile targets.[1]
The Battle for the World's Most Powerful Cyberweapon

Apparently they are so good at this that they can install it on your phone without your permission or knowledge, using a number of "zero day" exploits that the company discovered. These are vulnerabilities that even the maker of the software isn't aware of. Some of them have been found and patched, but supposedly there are others that only NSO knows of (as far as we know). It's also likely that others know about it too. We just don't know who they are.
Anaxagoras
Posts: 30171
Joined: Wed Mar 19, 2008 5:45 am
Location: Yokohama/Tokyo, Japan

Re: Pegasus (spyware)

Post by Anaxagoras »

For example, iPhones are made in China for the most part, aren't they? You think the Chinese know a few zero day exploits for iPhones and others? Seems like a pretty plausible bet, although I don't really know. What we do know, thanks to Pegasus, is that such vulnerabilities exist.
Grammatron
Posts: 37637
Joined: Tue Jun 08, 2004 1:21 am
Location: Los Angeles, CA

Re: Pegasus (spyware)

Post by Grammatron »

I am of the opinion that many to most are known to the creator companies such as Apple, but are kept around for statecraft purposes.