What are Pegasus and Trident Spyware?
You may have recently read about Israeli spyware Pegasus and Trident in Indian news. The opposition party in India accusing Prime Minister Sri Narendra Modi of this spyware misuse. As per the news, More than 1,000 phone numbers in India were among nearly 50,000 selected worldwide as possibly of interest to clients of the Israel-based NSO Group, maker of the Pegasus spyware. We are not going to discuss the political situation here. Instead, we will learn about spyware itself.
1 What is spyware?
Spywares are silent apps or codes injected into someone’s device to spy on him. The spyware silently executes in the background and stays undetected. Once spyware is successfully planted into the device of the target real spy work begins. Such planted spyware collects sensitive data from the device such as contacts, pictures, and call recordings and sends them back to the predestined spy server.
Generally, it requires physical access to plant spyware into someone’s device. But most advanced spyware like ” Pegasus” one we are talking about can be injected through exploited vulnerabilities of the device system or phishing techniques. Normal spyware can be easily detected by common spyware scanners. But, advanced spyware gets integrated with system files to stay undetected.
2 What is Trident?
Every system has some vulnerabilities. Apple iOS previously has a “Zero Day” vulnerability. Such security drawbacks or vulnerabilities are called “Trident”. Pegasus spyware uses these trident vulnerabilities to infect the target device, it causes serious data loss can access all messages, calls logs, audios, emails, logs, and private data from apps including end-to-end encrypted applications
3 What are Pegasus ?
Pegasus is a spyware program and spying tool owned by NSO Group. It is an Israeli technology firm. It enables the remote surveillance of smartphones, secretly unlocks the contents of a target’s mobile phone, and transforms it into a listening device. Lookout and Citizen Lab uncovered an active, targeted mobile spyware threat called Pegasus.
After such findings Lookout worked with Apple’s security team to patch all three Trident iOS vulnerabilities in Apple’s 9.3.5 update.
4 Who do attackers target?
High-value targets such as political activists, military personnel, company CEOs, corporate individuals, media workers, and oppositions are targeted using this spyware.
As TechCrunch writes, “Apple zero-days mark a new era of mobile hacking.”Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of 1. How integrated mobile devices are in our lives 2. The combination of features is only available on mobile devices — always connected, voice communications, camera, email, messaging, GPS, passwords, and contact lists. It also includes information that could be answers to your security questions like birthdays, addresses, and children’s information.
5 What is the latest exploit?
India’s main opposition Congress party has accused Prime Minister Narendra Modi of “treason” and compromising national security following revelations that dozens of Indians were potential targets of snooping by Israeli-made spyware. In this scandal, lots of names are released by the media groups. Such a list includes the name of opposition leader Mr. Rahul Gandhi. Although, it is not clear whether his phone has been hacked or not.
Common people don’t have to worry about pegasus and trident vulnerability as it costs very much to target using these advanced sophisticated systems. And, spying on everyone is out of its budget. Otherwise, if you fit in such a category, better for you get checked your phone with a security expert.
For now, this pegasus & trident scam is only related to apple and WhatsApp exploits which are now fixed. But in the future, the best way to stay safe from such spyware is to be very careful before handing over your device to someone. And, don’t ever open links and files from the untrustworthy senders. Don’t ever install unknown random applications on your device.