However the seemingly confirmed use of Pegasus came after WhatsApp sued the NSO group. The use of Pegasus has long been suspected in the WhatsApp cyber attack that was first reported in 2019.
What is Pegasus and how does it infect devices?
According to The Citizen Lab at the University of Toronto, which helped WhatsApp investigate the cyberattack, Pegasus is the flagship spyware of the Israel-based NSO group. It is also believed to be known by other names like Q Suite and Trident. Pegasus reportedly has the ability to infiltrate both Android and iOS devices and uses a variety of methods to hack into Target’s mobile devices, including using zero-day exploits.
In the case of WhatsApp, Pegasus has said that it has exploited a vulnerability in the WhatsApp VoIP stack which is used to make video and audio calls. Just a missed call on WhatsApp gave Pegasus access to the target’s device.
What can Pegasus do?
Pegasus is a versatile piece of spyware and as soon as it is installed on the target’s device, it begins to contact the control server, which can then relay commands to collect data from the infected device. Pegasus can steal information like passwords, contacts, text messages, calendar details and even voice calls made using messaging apps. Apart from this, it can also spy using the phone’s camera and microphone as well as GPS to track the live location.
Who was hacked using Pegasus in India?
The details of how many people were hacked in India using Pegasus via WhatsApp are not clear. However, a WhatsApp spokesperson confirmed to Gadgets 360 that Indian users were also among those contacted by the company during the May 2019 cyber attack.
WhatsApp wrote in a blog post, “We sent a special WhatsApp message to about 1,400 users, about which we have [मई 2019] The reason for being affected by the attack, was sent to inform them directly.”
Facebook-owned WhatsApp has also said nothing about who was behind the cyber attack and illegal espionage. NSO Group has also denied any wrongdoing and the company claims it only sells spyware to “investigated and legitimate government agencies”.