Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Pegasus. Show all posts
Spyware
AI Android Data Internet malware Pegasus Spyware

How Spyware Steals Your Data Without You Knowing About It


You might not be aware that your smartphone has spyware, which poses a risk to your privacy and personal security. However, what exactly is spyware? 

This type of malware, often presented as a trustworthy mobile application, has the potential to steal your data, track your whereabouts, record conversations, monitor your social media activity, take screenshots of your activities, and more. Phishing, a phony mobile application, or a once-reliable software that was upgraded over the air to become an information thief are some of the ways it could end up on your phone.

Types of malware

Legitimate apps are frequently packaged with nuisanceware. It modifies your homepage or search engine settings, interrupts your web browsing with pop-ups, and may collect your browsing information to sell to networks and advertising agencies.

Nuisanceware

Nuisanceware is typically not harmful or a threat to your fundamental security, despite being seen as malvertising. Rather, many malware packages focus on generating revenue by persuading users to view or click on advertisements.

Generic mobile spyware

Additionally, there is generic mobile spyware. These types of malware collect information from the operating system and clipboard in addition to potentially valuable items like account credentials or bitcoin wallet data. Spray-and-pray phishing attempts may employ spyware, which isn't always targeted.

Stalkerware

Compared to simple spyware, advanced spyware is sometimes also referred to as stalkerware. This spyware, which is unethical and frequently harmful, can occasionally be found on desktop computers but is becoming more frequently installed on phones.

The infamous Pegasus

Lastly, there is commercial spyware of governmental quality. One of the most popular variations is Pegasus, which is sold to governments as a weapon for law enforcement and counterterrorism. 

Pegasus was discovered on smartphones owned by lawyers, journalists, activists, and political dissidents. Commercial-grade malware is unlikely to affect you unless you belong to a group that governments with ethical dilemmas are particularly interested in. This is because commercial-grade spyware is expensive and requires careful victim selection and targeting.

How to know if spyware is on your phone?

There are signs that you may be the target of a spyware or stalkerware operator.

Receiving strange or unexpected emails or messages on social media could be a sign of a spyware infection attempt. You should remove these without downloading any files or clicking any links.

Read more »
Spyware
Hacking WhatsApp Litigation Mobile Security NSO Pegasus Spyware

US Judge Permanently Bans NSO Group from Targeting WhatsApp Users

 

A U.S. federal judge has issued a permanent injunction barring Israeli spyware maker NSO Group from targeting WhatsApp users with its notorious Pegasus spyware, marking a landmark victory for Meta following years of litigation. 

The decision, handed down by Judge Phyllis J. Hamilton in the Northern District of California, concludes a legal battle that began in 2019, when Meta (the parent company of WhatsApp) sued NSO after discovering that about 1,400 users—including journalists, human rights activists, lawyers, political dissidents, diplomats, and government officials—had been surreptitiously targeted through “zero-click” Pegasus exploits.

The court found that NSO had reverse-engineered WhatsApp’s code and repeatedly updated its spyware to evade detection and security fixes, causing what the judge described as “irreparable harm” and undermining WhatsApp’s core promise of privacy and end-to-end encryption. The injunction prohibits NSO not only from targeting WhatsApp users but also from accessing or assisting others in accessing WhatsApp’s infrastructure, and further requires NSO to erase any data gathered from targeted users.

This victory for Meta was significant, but the court also reduced the previously awarded damages from $168 million to just $4 million, finding the original punitive sum excessive despite NSO’s egregious conduct. Nevertheless, the ruling sets a precedent for how U.S. tech companies can use the courts to combat mercenary spyware operations and commercial surveillance firms that compromise user privacy.

NSO Group argued that the permanent ban could “drive the company out of business,” pointing out that Pegasus is its flagship product used by governments ostensibly for fighting crime and terrorism. An NSO spokesperson claimed the ruling would not impact existing government customers, but Meta and digital rights advocates insist this bans NSO from ever targeting WhatsApp and holds them accountable for civil society surveillance.

The case highlights the ongoing tension between tech giants and commercial spyware vendors and signals a new willingness by courts to intervene to protect user privacy against advanced cyber-surveillance tools.
Read more »
WhatsApp
AI Backdoor Data Encryption Pegasus Spyware Technology WhatsApp

Frances Proposes Law Requiring Tech Companies to Provide Encrypted Data


Law demanding companies to provide encrypted data

New proposals in the French Parliament will mandate tech companies to give decrypted messages, email. If businesses don’t comply, heavy fines will be imposed.

France has proposed a law requiring end-to-end encryption messaging apps like WhatsApp and Signal, and encrypted email services like Proton Mail to give law enforcement agencies access to decrypted data on demand. 

The move comes after France’s proposed “Narcotraffic” bill, asking tech companies to hand over encrypted chats of suspected criminals within 72 hours. 

The law has stirred debates in the tech community and civil society groups because it may lead to building of “backdoors” in encrypted devices that can be abused by threat actors and state-sponsored criminals.

Individuals failing to comply will face fines of €1.5m and companies may lose up to 2% of their annual world turnover in case they are not able to hand over encrypted communications to the government.

Criminals will exploit backdoors

Few experts believe it is not possible to bring backdoors into encrypted communications without weakening their security. 

According to Computer Weekly’s report, Matthias Pfau, CEO of Tuta Mail, a German encrypted mail provider, said, “A backdoor for the good guys only is a dangerous illusion. Weakening encryption for law enforcement inevitably creates vulnerabilities that can – and will – be exploited by cyber criminals and hostile foreign actors. This law would not just target criminals, it would destroy security for everyone.”

Researchers stress that the French proposals aren’t technically sound without “fundamentally weakening the security of messaging and email services.” Similar to the “Online Safety Act” in the UK, the proposed French law exposes a serious misunderstanding of the practical achievements with end-to-end encrypted systems. Experts believe “there are no safe backdoors into encrypted services.”

Use of spyware may be allowed

The law will allow using infamous spywares such as NSO Group’s Pegasus or Pragon that will enable officials to remotely surveil devices. “Tuta Mail has warned that if the proposals are passed, it would put France in conflict with European Union laws, and German IT security laws, including the IT Security Act and Germany’s Telecommunications Act (TKG) which require companies to secure their customer’s data,” reports Computer Weekly.

Read more »
Technology
iVerify Pegasus Security Tool Spyware Technology

Novel iVerify Tool Detects Widespread Use of Pegasus Spyware

 


iVerify's mobile device security tool, launched in May, has identified seven cases of Pegasus spyware in its first 2,500 scans. This milestone brings spyware detection closer to everyday users, underscoring the escalating threat of commercial spyware. 

How the Tool Works 

iVerify’s Mobile Threat Hunting uses advanced detection methods, including:
  • Malware Signature Detection: Matches known spyware patterns.
  • Heuristics: Identifies abnormal behavior indicative of infections.
  • Machine Learning: Analyzes patterns to detect potential threats.
The service is offered to paying customers, with a free version available via the iVerify Basics app for a nominal fee. Users can run monthly scans, generating diagnostic files for expert evaluation. 
  
Spyware’s Broadening Scope 
 
The detected infections reveal Pegasus spyware targets beyond traditional assumptions: Victims include business leaders, government officials, and commercial enterprise operators.

The findings suggest spyware usage is more pervasive than previously believed.

Rocky Cole, iVerify’s COO and former NSA analyst, stated, "The people who were targeted were not just journalists and activists, but business leaders, people running commercial enterprises, and people in government positions."

Detection and Challenges iVerify’s tool identifies infection indicators such as:
  • Diagnostic data anomalies.
  • Crash logs.
  • Shutdown patterns linked to spyware activity.
These methods have proven crucial in detecting Pegasus spyware on high-profile targets like political activists and campaign officials. Despite challenges such as improving mobile monitoring accuracy and reducing false positives, the tool's efficacy marks a significant advancement. 
  
Implications for Mobile Security 
 
The success of iVerify’s tool signifies a shift in mobile security perceptions: Mobile devices like iPhones and Android phones are no longer considered relatively secure from spyware attacks.

Commercial spyware’s increasing prevalence necessitates more sophisticated detection tools.

iVerify’s Mobile Threat Hunting tool exemplifies this evolution, offering a powerful resource in the fight against spyware and promoting proactive device security in an increasingly complex threat landscape.
Read more »
Spyware
Apple Cyber Security data security iPhone Hacks Mobile Hacking Mobile Spyware Pegasus Pegasus Spyware Spyware

Apple Alerts Pegasus-like Attack on Indian Activists and Leaders

 

On July 10, two individuals in India received alarming notifications from Apple, Inc. on their iPhones, indicating they were targeted by a “mercenary” attack. This type of spyware allows attackers to infiltrate personal devices, granting access to messages, photos, and the ability to activate the microphone and camera in real time. Apple had previously described these as “state-backed” attacks but revised the terminology in April. 

Iltija Mufti, political adviser and daughter of former Jammu and Kashmir Chief Minister Mehbooba Mufti, and Pushparaj Deshpande, founder of the Samruddha Bharat Foundation, reported receiving these alerts. Both Mufti and Deshpande confirmed to The Hindu that they had updated their phones and planned to have them forensically examined. A spokesperson for Apple in India did not provide an immediate comment. 

Although the alert did not specifically mention state involvement, it cited Pegasus spyware as an example. Pegasus, developed by the Israeli NSO Group Technologies, is exclusively sold to governments. The Indian government has not confirmed or denied using Pegasus and declined to participate in a Supreme Court-ordered probe into its deployment. This is the first instance in months where such spyware alerts have been issued. 

The last known occurrence was in October, when Apple devices belonging to Siddharth Varadarajan of The Wire and Anand Mangnale of the Organized Crime and Corruption Report Project received similar warnings. Forensic analysis later confirmed they were targeted using vulnerabilities exploited by Pegasus clients. Both Mufti and Deshpande criticized the Union government, accusing it of using Pegasus. Mufti stated on X (formerly Twitter), “BJP shamelessly snoops on women only because we refuse to toe their line,” while Deshpande highlighted the government’s misplaced priorities, focusing on deploying Pegasus rather than addressing India’s significant challenges. 

An international investigation in 2021 by the Forbidden Stories collective exposed widespread targeting of civil society organizations, opposition politicians, and journalists with Pegasus spyware. The Indian government denied illegal activity but did not clearly confirm or deny the use of Pegasus. Alleged targets included Rahul Gandhi, former Election Commissioner Ashok Lavasa, student activist Umar Khalid, Union Minister Ashwini Vaishnaw, the Dalai Lama’s entourage, and individuals implicated in the 2018 Bhima Koregaon violence.
Read more »
Spyware
Cyber Attacks EU European Union Hacking Human rights Meduza Pegasus Pegasus Spyware Russian exiled journalist Spyware

Russian Exiled Journalist Says EU Should Ban Spyware


The editor-in-chief of the independent Russian news site Meduza has urged the European Union to enact a comprehensive ban on spyware, given that spyware has been frequently used to violate human rights.

According to Ivan Kolpakov, Meduza’s editor-in-chief based in Latvia, it was obvious that Europeans should be very concerned about Pegasus in light of the discoveries regarding the hacking of his colleague Galina Timichenko by an as-yet-unconfirmed EU country.

“If they can use it against an exiled journalist there are no guarantees they cannot use it against local journalists as well[…]Unfortunately, there are a lot of fans in Europe, and we are not only talking about Poland and Hungary, but Western European countries as well,” said Kolpakov.

Since last month, the European Commission has been working on guidelines for how governments could employ surveillance technologies like spyware in compliance with EU data privacy and national security rules since last month. Despite the fact that member states are responsible for their own national security, the Commission is considering adopting a position after learning that 14 EU governments had purchased the Pegasus technology from NSO Group.

Apparently, Timichenko was targeted by Pegasus in February 2023 when she was in Berlin for a private gathering of Russian media workers exile. The meeting's subject was the threats posed by the Russian government's categorization of independent Russian media outlets as foreign agents.

Taking into account the work that Timichenko deals with, Russia was first suspected; but, according to the digital rights organization Access Now, additional information suggests that one of the intelligence services of an EU member state — the exact one is yet unknown — is more likely to be to blame.

Allegedly, the motive behind the hack could be that numerous Baltic nations, to whom Russia has consistently posed a threat, are worried that a few FSB or GRU agents may have infiltrated their borders among expatriate dissidents and journalists.

“It may happen and probably it actually happens, but in my opinion, it does not justify the usage of that kind of brutal tool as Pegasus against a prominent independent journalist,” Kolpakov said.

Kolpakov believes that the revelations have left the exiled community feeling they are not safe in Europe. “This spyware has to be banned here in Europe. It really violates human rights,” he added.     

Read more »
User Privacy
FBI Hackers Israel malware NSO Group Pegasus Ransomware Attacks. User Privacy

FBI Nearly Adopted NSO's Spyware

According to a report published by the New York Times on Saturday, several agents from the US Federal Bureau of Investigation worked to enhance the rollout of Pegasus, the notorious phone-hacking program created by Israel's NSO Group. 

What is Pegasus?

Once installed, Pegasus spyware enables the user to fully manage a target's phone, allowing them to see messages, listen in on calls, and access the phone as a remote listening device.

Significant numbers of human rights activists, journalists, politicians, and corporate executives were reportedly designated as potential targets of NSO's Pegasus program, which has caused criticism for the Israeli company responsible for its development. 

When smartphones are infected with Pegasus, they effectively become portable surveillance tools that can be used to read the target's messages, browse through the images, or even switch on the user's camera and microphone secretly.

FBI Purchased Pegasus 

The highly classified files, which were provided to the Times in response to a FOIA request, reveal that agency officials had developed guidelines for federal prosecutors concerning how to disclose Pegasus usage in court proceedings and were progressed in organizing to brief FBI heads on the malware.

Additionally, the FBI asserted that Pegasus had never been used to assist an FBI investigation. The FBI only obtained a restricted license for product testing and evaluation, the statement read "There was no functional use in support of any investigation."

The announcement represents a clear admission by the FBI that it purchased Pegasus, one of the most advanced hacking tools in existence.

The FBI examined NSO's Phantom software, which has the ability to hack US phones, earlier this year, the press reported. After learning that NSO's hackers were linked to violations of human rights all around the world and as negative press about the technology spread, the FBI eventually opted against utilizing it.

The New York Times broke the news of the FBI's acquisition of Pegasus in 2019 while the Trump administration was in control. However, the bureau has still not ruled out the potential of using comparable technology in the future, the report said, citing recent court records.

A legal brief submitted on the bureau's behalf last month stated that "just because the FBI eventually decided not to deploy the tool in support of criminal investigations does not mean it would not test, evaluate, and potentially deploy other similar tools for gaining access to encrypted communications used by criminals."



Read more »
User Safety
Data Data Breach Data Leak Pegasus Safety Security User Data User Safety

Telstra Struck by Data Breach Exposing 30,000 Employees' Data

 

Telstra, Australia's largest telecommunications company, revealed a data breach via a third-party supplier. The company stated that its systems were not compromised; rather, the security breach affected a third-party supplier who previously provided a now-defunct Telstra employee rewards programme. 

The data breach affected a third-party platform called Work Life NAB, which is no longer available, and was provided to several other organisations by Pegasus Group Australia (a subsidiary of MyRewards International Ltd.). Pegasus Group Australia, a subsidiary of MyRewards International Ltd, ran it. 

The third-party platform did not store any customer account information, according to Narelle Devine, the company's chief information security officer for the Asia Pacific region. Other companies appear to have been affected by the security breach. Data from 2017 was leaked online, and it included names (first and last) and email addresses used to sign up for the employee rewards programme.

“Information obtained as a result of a data breach at a third-party supplier was posted on the internet. The supplier previously provided a now-obsolete Telstra employee rewards program.” reads the statement published by the company. “Critically, there was no breach of any Telstra systems, and no customer account information was stored on the third-party platform.”

According to Reuters, people who obtained access to internal Telstra staff email, 30,000 current and former employees have been affected. The company is still investigating the incident and assisting the third party in determining how and to what extent the security breach occurred.

Optus, Australia's second-largest company, recently confirmed that a security breach impacted nearly 2.1 million of its current and former customers.
Read more »
Subscribe to: Comments (Atom)