Pegasus 2 Spyware
Pegasus 2 Spyware
Unveiling the Controversial Digital Surveillance Tool
Pegasus, a sophisticated surveillance tool developed by the Israeli cybersecurity company NSO Group, has made headlines globally for its potent capabilities and controversial applications. Launched in 2016, Pegasus was originally designed to aid governments and law enforcement agencies in tracking criminals and terrorists by infiltrating their mobile devices. However, its utilization has sparked intense debates over privacy infringement, human rights violations, and ethical concerns.
Pegasus 2 infects a phone when the owner clicks on a link in a text message that downloads the malware. The virus was created by the NSO Group to target activists, journalists and political leaders, and is capable of penetrating both Android and Apple devices.
Key Points
Pegasus 2 infects a phone when the owner clicks on a link in a text message that downloads the malware. The virus was created by the NSO Group to target activists, journalists and political leaders and is capable of infiltrating both Android and Apple devices. Although it was released in 2011, the first instance where it infiltrated an iPhone was in 2016.
Pegasus was a type of spyware used in successful mobile phone hacking attempts. NSO Group developed zero-click hacking as a tool to monitor the communications of political leaders, journalists and activists in several countries.
The Genesis of Pegasus
Pegasus operates as a potent form of spyware, exploiting vulnerabilities in operating systems like iOS and Android to gain access to a target's smartphone. Once installed, it can collect a wide array of data, including messages, emails, contacts, and even activate the device's microphone and camera, essentially turning the phone into a powerful surveillance tool.
Today, almost everyone carries their phone as a primary source of communication and stores all their personal information on it, making smartphones prime targets for hacking. Most people use smartphones not only to communicate, but also to share information and store important documents, photos and other information. That is why private and large companies create their own hacking software, such as Pegasus software. Pegasus is a hacking program or spyware developed, sold and licensed to governments around the world by the Israeli NSO Group. It is capable of infecting billions of iOS or Android phones [Kirchgaessner, 2021]. Pegasus can bypass smartphone security and install spyware that provides full access to the mobile device. The program can use all messages sent or received on the smartphone. Not only can the software access every photo, video or email, but it can also turn the device's microphones and cameras on and off even when no one is using it. It can also easily use GPS and track your device's location without your knowledge [Amnesty.org, 2021
Pegasus is currently arguably the most advanced spyware ever developed. It can certainly be called one of the most invasive forms of surveillance imaginable. Apparently, mobile users want all personal information or part of their life to be private on the device. Most people mistakenly think that messengers are safe from hacks and strangers because you use something like WhatsApp, which is supposed to have secure encryption. In fact, there's no point in feeling safe about your data, because Pegasus can still be on your phone and track your every move. So far, the only tool to detect Pegasus spyware is Amnesty International's Mobile Inspection Toolkit [Github.com, 2021] This spyware uses various methods to hack a device, such as sending links and then opening the link on the victim's device, or using improvised wireless networks and then connecting the device to that network. Pegasus can also infect both iOS and Android while remaining almost invisible. Another method Pegasus uses to attack smartphones is a so-called zero-day vulnerability. This is a vulnerability that the device manufacturer is not yet aware of and does not require any actions from the device user, such as fraudulent installation and authorization. Another way to attack devices is through calling and texting. These calls were usually made on a Monday or Tuesday and when an answer was attempted, the call was dropped. But even that call was enough to install malware on your phone. Similarly, a virus can be sent via text messages and when the user opens the message, the spyware is downloaded to the device [Dwoskin et.al., 2021]. Pegasus is the flagship product of Israeli surveillance company NSO Group. Thus, customers using this spyware could be government customers, including governments around the world or large corporations, organizations to which NSO Group sold a copy of Pegasus [Timberg et.al., 2021
The first Pegasus attacks were recorded in 201 . The earliest fully functional version of Pegasus, discovered in 2016, infected phones using what is known as spear phishing – text messages or emails that trick the target into clicking on a malicious link. Exploitation of zero-day attacks has been documented since May 2018 [Johnson, 2021]. In 2019, WhatsApp revealed that Pegasus software used WhatsApp to send malicious code to more than 1, 00 phones by exploiting a zero-day vulnerability in the phone's software. Calling WhatsApp on the victim's phone was enough to install Pegasus on a separate device's phone. At the same time, you didn't even have to answer this call, just a missed call was enough to access the data stored in the device. It is not even necessary to use this particular messenger for these purposes. Pegasus Messenger hacks it and creates a backdoor that leaves a hole in the code of a legitimate program that allows access to the device for unauthorized operations and lets the attacker secretly enter the system by granting administrator privileges [Pegg, 2021]. Pegasus also has a self-destruct feature that is activated to remove all signs of spyware from the device. The program completely cleans all traces of its existence, leaving almost no possibility of detection [Cloudsek.com, 2021]. As soon as manufacturers of phones and other mobile devices became aware of the Pegasus software, Samsung and IPhone released an update for their devices. However, recent research has shown that even the updates released in July 2021 failed to protect users' devices. For example, the latest version of the IPhone, which is famous for the best protection of its devices and has its own software, has already been hacked. NSO Group and its product Pegasus have found alternative ways to circumvent the new protections. Using applications such as Apple Photos or Apple Music, Pegasus obtains so-called root user rights that allow access to the target device. This gives Pegasus complete control over the device, allowing it to modify system files and folders that device users didn't know existed on their devices. The latest versions of the program do not even leave a trace in the phone's memory [Avery, 2021]. The creator of Pegasus spyware, NSO Group, claims that their program was created to improve counter-terrorism operations. They only sold licenses to government intelligence and law enforcement agencies for the sole purpose of preventing and investigating terrorist acts and serious crimes. They also claimed to be able to check all copies of the program and close them all if necessary [Williams, 2021]. As for potential activity related to this spyware, the company says that approximately 100 phone numbers are entered into its system per year. However, this number may be significantly higher, as an unknown amount of data was stolen from the company's servers in Cyprus in June 2021. In addition, the list of spyware users is believed to include people and entities outside of the aforementioned government agencies. The potential application field includes countries around the world, including Azerbaijan, Kazakhstan, Kyrgyzstan, Tajikistan, Turkey, Uzbekistan and other countries. So it is not so clear who is using the program and whether they are using it for legitimate purposes. Because it is speculated that potential targets of Pegasus spyware include many government officials, journalists, businessmen, politicians and activists [Rferl.org, 2021]. In conclusion, the creation of spyware like Pegasus leads to a discussion about security issues and human rights violations. Because in the current circumstances, it seems that the use of spyware is exceeding the expected use. Therefore, in such cases, strict use of such technologies must be ensured according to both national and international laws to avoid business motives and personal use of these programs for personal gain. References: Amnesty International (2021). Forensic Methodology Report: How to Catch a Pegasus by NSO Group. Retrieved from https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/. Used 18.07.2021.
Avery, Dan (2021). Israeli spyware launched "zero-click" attacks on iPhones: Pegasus took control of devices without the owner having to do anything, turning the phones into 2 -hour surveillance devices. Retrieved from https://www.dailymail.co.uk/sciencetech/article-9802839/iPhones-belonging-journalists-hacked-proving-Apples-security-no-match-NSO-spyware.html. Used 19.07.2021. CloudSEK Threat Intelligence (2021). Everything you need to know about Pegasus spy. Retrieved from https://cloudsek.com/everything-you-need-to-know-about-the-pegasus-spyware/. Used 18.07.2021. Dwoskin, Elizabeth and Rubin, Shira (2021). Someone has to do the dirty work: the founders of NSO are protecting the intelligence they created. Retrieved from https://www.washingtonpost.com/world/2021/07/21/shalev-hulio-nso-surveillance/. Used 21.07.2021. Github (2021). Mobile Verification Toolkit. Retrieved from https://github.com/mvt-project/mvt. Used 16.07.2021. Johnson, Derek (2021). A Pegasus-style spyware threat could creep up on businesses. Retrieved from https://www.scmagazine.com/analysis/cyberespionage/the-threat-of-pegasus-style-spyware-could-creep-toward-the-business-community. Used 21.07.2021. Kirchgaessner, Stephanie; Lewis, Paul; Pegg, David, Cutler, Sam, Lakhani, Nina and Safi, Michael (2021). Exposed: Leak reveals global misuse of cyber-surveillance weapon. Retrieved from https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus. Used 18.07.2021. Pegg, David and Cutler, Sam (2021). What is Pegasus spy and how does it hack phones? Retrieved from https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones. Used 21.07.2021. Radio Free Europe/Radio Freedom (2021). Leaders of Kazakhstan, Pakistan and France on list of potential targets for Israeli espionage programs. Retrieved from https://www.rferl.org/a/france-probe-pegasus-spywear/3136828 .html. Used 20.07.2021. Timberg, Craig; Birnbaum, Michael; Harwell, Drew and Sabbagh, Dan (2021). Listed: Ten Prime Ministers, Three Presidents and a King Generated from https://www.washingtonpost.com/world/2021/07/20/heads-of-state-pegasus-spyware/. Used 20.07.2021. Williams, Dan (2021). Israel Names Task Force To Evaluate NSO Spyware Allegations - Sources. Retrieved from https://www.reuters.com/technology/israels-national-security-council-looking-into-nso-spyware-allegations-2021-07-21/. Used 21.07.2021
Initially marketed as a tool for combating crime and terrorism, Pegasus was intended to be used exclusively by government agencies under strict regulations. However, over time, reports emerged indicating its misuse by certain governments against journalists, activists, politicians, and dissidents, raising serious ethical questions.
Controversies and Ethical Implications
The deployment of Pegasus has been mired in controversy due to allegations of misuse and abuse by governments worldwide. Revelations by various investigative journalists and watchdog organizations have unveiled instances where the spyware was allegedly used to target individuals not involved in criminal activities but rather critical of those in power.
Reports of its abuse against journalists, human rights activists, and political opponents have led to concerns about the erosion of privacy, suppression of free speech, and the endangerment of individuals' lives. Moreover, the lack of transparency and accountability surrounding its usage by governments has heightened worries about unchecked surveillance capabilities.
legal and regulatory responses spyware
After a global media investigation into the leaked target list of the Pegasus spy technology, we can no longer ignore the excesses of countries using secret digital surveillance tools originally designed to fight terrorism to spy on politicians, journalists, human rights activists and lawyers. and ordinary citizens with no connection to terrorism. As noted in a recent report (which we authored) by the UN Special Rapporteur on Counter-Terrorism and Human Rights, these tools produced in the US, EU, China, Israel and the UAE do more than just provide access to targeted communications. , contact information, geolocation and metadata, but even allows users to delete information or plant incriminating information by covering their tracks. The scope of spyware is unknown, but clearly huge. In testimony to the European Parliament last year, the creator of Pegasus - just one of the high-profile tools - revealed that the technology is used to target more than 12,000 people each year.
The use of spyware can seriously violate international human rights law. This allows repressive governments to identify dissent and then use geolocation and real-time tracking for safe targeting in real life. The Special Rapporteur on extrajudicial, summary and arbitrary executions linked the intelligence service to intelligence gathering on Jamal Khashoggi before his murder in 2018. Forensic analysis by the University of Toronto's Citizen Lab found spyware on several human rights-related devices. activists and journalists around the world who have suffered torture, illegal detention and physical violence. And spyware chills civic exchange and political engagement, undermining rights to privacy, freedom of expression, and freedom of association and assembly.
The use of spyware can seriously violate international human rights law. This allows repressive governments to identify dissent and then use geolocation and real-time tracking for safe targeting in real life. The Special Rapporteur on extrajudicial, summary and arbitrary executions linked the intelligence service to intelligence gathering on Jamal Khashoggi before his murder in 2018. Forensic analysis by the University of Toronto's Citizen Lab found spyware in a number of human rights-related devices. activists and journalists around the world who have suffered torture, illegal detention and physical violence. And spyware chills civic exchange and political engagement, undermining rights to privacy, freedom of expression, and freedom of association and assembly. Spyware goes further than previous forms of surveillance, such as mass communications surveillance, because it allows communications and documents to be manipulated for prosecution and blackmail. This can have a disastrous effect on fair trials and due process, calling into question the evidence used against individuals and the credibility of criminal investigations. Lack of proper
spyware regulation
As documented in the Special Rapporteur's report, there is so far no systematic approach to monitoring and regulating the spyware industry and the international spread of spyware to prevent human rights. Victims of targeting (if they ever find one) may be lucky enough to live in a state where government agencies can be sued for alleged human rights abuses (a rarity internationally). But even then, the case would suffer from the evidentiary and practical difficulties of prosecuting a spy agency when evidence of illegal conduct is hidden or opaque because spyware erases its tracks. Some spyware manufacturers are signatories to the UN Trade and Human Rights Guidelines or the equivalent OECD Guidelines, both of which are corporate responsibility guidelines related to human rights, labor and employment relations, the environment, anti-corruption, consumer protection and taxation. . The Guiding Principles and OECD Guidelines call on companies to respect internationally recognized human rights and to strive to prevent adverse human rights abuses in relation to their activities or products. However, spyware producers cannot be prosecuted for failing to comply with these "thousand law" obligations as there is no mandatory enforcement mechanism (complaints against UK and German spyware producers under the OECD system have been effectively ignored).
While some jurisdictions have enacted detailed human rights legislation (eg, California, the United Kingdom, Australia, and France), adoption is far from universal. In any case, such legislation is usually limited to reporting and supply chain transparency, rather than requiring companies to take active steps to reduce the risks posed by their customers. Attempts to rely on private tort doctrines (contracts in tort) against producers face national immunity (when the users are foreign government agencies), jurisdiction (when the supply and use are cross-border), and the poor analogy of human rights implications. paradigmatic physical damages in civil law. Finally, while espionage control technology is formally subject to export control systems for conventional arms, such as the Wassenaar Agreement and the EU Dual-Use Reform Regulation, the system suffers from limited international scope and the often unclear nature of export obligations. Usually, exporting countries require that human rights risks be "calculated" or "calculated". Given the clear human rights risks and surveillance concerns, the UN High Commissioner for Human Rights has called for a freeze on the trade in surveillance technology so that "countries can work on exports and surveillance systems and strengthen legal frameworks that protect privacy." several UN special procedures attorneys. In April 2022, the Republic of Costa Rica became the first state to require a moratorium. This was followed in March this year by a joint statement by Australia, Canada, Costa Rica, Denmark, France, New Zealand, Norway, Sweden, Switzerland, the United Kingdom and the United States, which recognized "the need for strict domestic and international control." . on the dissemination and use of commercial spyware. Regulatory access to malware
welcome to the growing international pace to regulate the international trade in spyware, which is appropriate. As stated in the recently published statement based on the mandate of the Special Rapporteur, a new approach has been designed which should inform the next steps of the sector. While proposing a mechanism for an international legal response to spyware, the declaration fails to recognize that all spyware can be used legally. Far from it. Some intelligence tools should never be used legally because their use violates the principle of proportionality/necessity or undermines the integrity of evidence and due process. To avoid these problems, spyware must at least be designed to (a) focus on specific
information rather than automatically accessing all information about targets and contacts in violation of the proportionality and necessity principle; b) report obvious abuse and built-in kill switches so manufacturers can prevent it; and (c) keep an unaltered record of the user's activities so that legal authorities can properly assess compliance with human rights. Regarding the regulatory framework, our position has not taken a hard and fast approach to structure, but we offer a number of ways to advance our legislative proposals. Our aim is to focus less on the title of the regulatory framework and more on its agreed functions to be implemented. Therefore, the regulatory framework should: a) be international in nature (either treaty-based or relatively consistent across several countries); b) depends on the obligations of the state to regulate commercial activities; c) limited to spyware; d) require mandatory and specific measures from countries; e) impose real obligations on private entities developing spyware to perform due diligence and demonstrate that there is no real risk that clients can use spyware to violate human rights; and (f) provide for direct liability that can be defended in a domestic court if the company fails to do so and the target is infected with spyware. We are under no illusions that repressive regimes will adopt this framework – instead, the goal is to ensure that the many democracies in which intelligence manufacturers choose to base themselves (due to their favorable business and stable environments) do so and demand it. of its business partners. While most domestic jurisdictions and corporate clients are committed to a responsible regulatory regime, spyware producers, faced with the choice of operating solely outside that regime or doing business with its supporters, are likely to choose the latter. We urgently need a system in which spyware developers are forced to either demand credible guarantees from their government clients that human rights will be respected in the future, or stop providing them. That forces the government's customers to implement safeguards so that their intelligence and investigative agencies can provide the assurances that vendors need to maintain access to the technology. For too long, the spyware business has taken place in the long shadows created by an inadequate legal framework. Spyware victims owe us a shine.
The contentious nature of Pegasus has prompted legal actions and calls for stringent regulations. Some affected individuals and organizations have taken legal recourse against NSO Group, alleging violations of privacy laws and human rights. In response, NSO Group has maintained that it sells its spyware only to vetted government clients for legitimate purposes.
Governments and regulatory bodies worldwide have faced mounting pressure to establish comprehensive laws and oversight mechanisms to regulate the use of surveillance technologies like Pegasus. Efforts are underway to ensure that such tools are used within legal and ethical boundaries, balancing national security concerns with fundamental human rights.
The Future of Surveillance Technology
The ongoing debates surrounding Pegasus underscore the urgent need for a robust regulatory framework governing the development, sale, and use of surveillance technologies. Striking a balance between security interests and individual rights remains a significant challenge in an increasingly digitized world.
As technology evolves, the ethical implications of surveillance tools like Pegasus will continue to shape policy discussions and societal perceptions. Transparency, accountability, and adherence to human rights principles must be at the forefront of any regulation to prevent the misuse of such powerful tools.
Conclusion
Pegasus represents a paradigm shift in surveillance capabilities, showcasing both the potential benefits and ethical pitfalls of advanced technologies. Its controversies have ignited a global conversation on the boundaries of surveillance, privacy rights, and governmental accountability. As discussions persist, the focus remains on establishing comprehensive regulations to ensure responsible and ethical use of surveillance tools, navigating the delicate balance between security imperatives and individual freedoms in the digital age.
.jpg)