A spyware tool called "Pegasus" was sold to governments across the world. The spyware infiltrates personal cell phones, and these governments use it to spy on many individuals.
International media organizations such as The Washington Post and The Guardian collaborated on this massive report.
What Is Pegasus Spyware?
Pegasus was developed by the Israeli cybersecurity organization NSO Group, Time reported. The company insists it is only intended for use against criminals and terrorists, but the investigation done by The Guardian and 16 other media organizations revealed widespread and continuing abuse of the spyware.
The Pegasus spyware works as malware that infiltrates smartphones via apps like iMessage and WhatsApp. Victims can also introduce the spyware into their devices by inadvertently clicking a link containing the vulnerability, Time explained.
Spyware like Pegasus take advantage of known and unknown flaws in a computer's operating system until the companies making the devices roll out fixes.
The NSO Group has also demonstrated the ability to install malware on devices with zero need for interaction from the victim. Receiving a call from someone attempting to infect a device was enough to successfully infiltrate the operating system's defenses without raising any alarms. The spyware is difficult to detect as it exists in the smartphone's memory, similar to ransomware.
A list of more than 50,000 phone numbers that included 37 smartphones, which forensic examination showed had been targeted for surveillance using Pegasus spyware, included contacts for many prominent people such as French President Emmanuel Macron. https://t.co/Omtvr4iC8p— The Washington Post (@washingtonpost) July 20, 2021
Once installed, Pegasus can harvest practically any data from the device and transmit it back to the attacker, The Guardian explained. The spyware user can secure a log of the phone owner's past movements and track their location in real-time with pinpoint accuracy, including the speed at which their car was traveling.
The data leak secured by Forbidden Stories (a Paris-based nonprofit media organization) and Amnesty International revealed that NSO's government clients contain phone numbers of more than 180 journalists, including reporters, editors and executives at the Financial Times, CNN, the New York Times, France 24, The Economist, Associated Press and Reuters.
Phone numbers of lawyers, activists, journalists, political opponents, government critics, as well as relatives of these individuals were also found in the list.
The list does not necessarily mean a successful hack of their mobile phones, but could possibly be future targets. However, forensics analysis of a small number of phones whose numbers appeared on the leaked list showed more than half had traces of the Pegasus spyware.
At least 10 governments are believed to be NSO's clients who were entering numbers into a system: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates (UAE), The Guardian revealed. The phone numbers were from 45 countries across four continents.
The NSO Group still maintains it "does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers' targets."
Warning Signs Your Phone May Have Spyware
Even though Apple has said "security researchers agree iPhone is the safest, most secure consumer mobile device on the market," according to The Guardian, spyware attacks can still happen. Despite their advanced security features, iPhones are not airtight, Reader's Digest said. Look out for these signs that spyware or other malware may have infiltrated your iPhone.
4. Unusual Battery Drain and Overheating
Malicious software constantly works in the background of your iPhone and will drain unusually quickly because of this. Overheating may also occur. Although this can be sign of a damaged iPhone, malware cannot be ruled out.
3. Jailbroken Phone
A jailbroken iPhone removes restrictions imposed by Apple including apps installed outside of the App Store. Though not illegal, it increases the risk of iOS devices being more vulnerable to security breaches. Owners may unknowingly download software embedded with malware that may be otherwise thwarted by a trusted App Store," Reader's Digest explained.
Govts are slow to regulate global spyware industry b/c it's in their interest to keep it that way.— profdeibert (@RonDeibert) July 20, 2021
Meanwhile, litigation may bring accountability as liabilities for companies like NSO pile up
French prosecutor opens probe after Pegasus spyware complaint https://t.co/Tz5yyAwxPS
2. Encrypted Text Messages
Receiving strange SMS messages that look like code could be a worrisome sign that the device is hit with spyware. Beware of other texting scams like smishing that steal sensitive information from devices as well.
1. Data Usage Spikes
Similar to the unusual battery drain, an affected iPhone can also experience high data usage spikes as the hacker accesses and downloads data from the device through the internet. Users can check their data usage by going to Settings > Settings on their iPhone.
Once the issue is identified to be spyware, the key is to take action immediately. Be sure to check that the data in the device has not led to fraudulent bank transactions or identity theft.
6 Ways to Remove Spyware from Your iPhone
If you feel your iPhone is inflitrated with a Spyware, there are some actions you can take:
6. Anti-Spyware Apps
Phone scanning apps like Incognito, Certo and Kaspersky are well recommended and are a good litmus test for anything unusual going on in the iPhone.
5. iOS Update
By updating to the latest iOS, new security updates will also be included, Reader's Digest said. These updates can remove spyware from the iPhone and remove the jailbreak from a jailbroken phone as well. An iPhone left in old software can be more vulnerable to attacks.
4. Delete apps
Delete the apps that you don't remember downloading. These can be malware installed by the attacker.
3. Factory Reset
This is the last resort and should only be done if nothing else works. Factory resets will completely erase all data from the iPhone, this includes any spyware. Go to Settings > General > Reset. Select Erase All Content and Settings or plug the iPhone into a computer running iTunes or Finder for the latest macOS and reset it using the Restore iPhone option.
2. Check iCloud
Check all devices that are accessing the linked iCloud of the iPhone. If an iCloud is synced and shared with another person and their devices are hacked, data from that shared iCloud will be harvested affecting you as well, even if yo were not attacked directly.
It is extremely important to safeguard your username and password by enabling Multi-Factor Authentication.
1. Change Passwords
After removing spyware or any malware, reset all of your passwords. Set up unique and hard-to-guess passwords that can just be a string of upper and lowercase letters, numbers, and special symbols with no inherent meaning. It is best to have a password manager to keep the passwords safe.
Always stay vigilant and be critical of any messages or emails you receive from an unknown sender. Do not open any suspicious links or download any apps that do not have a reputable developer.