Pegasus spyware

Source– This post is based on the article “Is Pegasus spyware targeting journalists in India” published in “The Hindu” on 29th December 2023.

Why in the News?

The Washington Post and Amnesty International report alleges Pegasus spyware targeted journalists in India. The intrusion was discovered in October 2023 following Apple’s warning to users, including MPs, about potential ‘state-sponsored attacks’ on their iPhones.

What is the Pegasus Spyware?

1) Pegasus is a type of malicious software or malware designed to secretly collect information.

2) Developed by – Israeli security firm NSO Group.

3) Purpose: Pegasus is designed for three main activities:
a. Collection of historic data on  a device without user knowledge
b. Continuous  monitoring of activity and gathering of personal information and
c. Transmission of this data to third parties.

How does Pegasus infiltrate devices?

1) Pegasus is part of a tier called “zero click exploits” whereby it takes advantage of bugs in popular apps such as iMessage and WhatsApp to infiltrate the system.

Note– A zero-click exploit, unlike most cyberattacks, doesn’t require any interaction from the users they target, such as clicking on a link. It relies on vulnerabilities in devices and software to gain access.

2) Pegasus can also use unsecured websites to infiltrate a device. These are called network injection attacks. The device is infiltrated within milliseconds of visiting such a website.

UPSC Syllabus- Science & Technology