The Supreme Court has stayed further proceedings of a Commission of Inquiry appointed by the West Bengal Government to look into allegations of snooping using the Pegasus software.
- The continued use of spyware Pegasus, which an Israeli company sells to governments worldwide, has been confirmed with fresh reports.
- Like the phones it targets, Pegasus has been apparently updated and now comes with new surveillance capabilities.
- Pegasus is a spyware tool developed by an Israeli firm, the NSO Group.
- Spyware spy on people through their phones.
- Pegasus works by sending an exploit link, and if the target user clicks on the link, the malware or the code that allows the surveillance is installed on the user’s phone.
- Once Pegasus is installed, the attacker has complete access to the target user’s phone.
- Pegasus can “send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps”.
- The target’s phone camera and microphone can be turned on to capture all activity in the phone’s vicinity, expanding the scope of the surveillance.
- A zero-click attack helps spyware like Pegasus gain control over a device without human interaction or human error.
- So all awareness about how to avoid a phishing attack or which links not to click are pointless if the target is the system itself.
- Most of these attacks exploit software which receive data even before it can determine whether what is coming in is trustworthy or not, like an email client.