There has been reports all over the world for around 50000 numbers that a virus in their phone was deducted. This virus is Pegasus. How would you feel that the data on your phone, who you talk to, message to can be tracked by government. Pegasus isn’t a normal virus where you click on a link in your message or mail that spreads the virus. FaceTime, iMessage, or even video calls can give entry to this virus. It can delete the notifications on your phone. It can turn on the camera of your phone and see you, turns the mike on and listen to your conversation.
Almost, 50000 phone numbers in the world faced the problems mentioned above. Amnesty International & Forbidden Stories jointly conducted a investigation. They claim that the Pegasus spyware is used on journalist, activist and even political opposition. Out of 50000 number 300 numbers are from India.
What is Pegasus?
El Chapo after Osama bin Laden was the most wanted criminal who was caught using Pegasus. The Mexican authorities has accepted this publicly. Since then Pegasus has been a focus of many governments all around the world. It is a spyware developed by Israeli cybersecurity company called NSO group. This group sells its Pegasus products only to governments .Now, the problem with this spyware is when its misused. Instead of using it on criminals it is being used on journalist.
Many Journalists from Saudi Arabia ,UAE, Azerbaijan have filed a lawsuit against government. According to them government are using this spyware to track their activities. There was a outrage in India as famous people like Rahul Gandhi, Prashant Kishor was on this list of 300 numbers. But, how sure are these media houses? All over the world,17 media houses who reported on this matter are using a safe language in these reports. The Guardian (US newspaper) says ‘The presence of a phone number does not reveal whether a device was infected with Pegasus or subject to an attempt of hack.’ The article from Wire states that there are limitation for forensic analysis of these numbers.
Since, people would not share their devices for forensic analysis as it would be sharing their data with strangers. Thus, out of 50000 numbers only 67 numbers are forensically tested. The media houses are blaming government because of the names that were found in the list. Only government would be interested to get their information thus suspected for having Pegasus Spyware. But can only Indian government spy on us? If this spyware is available with other countries they can spy on India as well. Edward Snowden was a whistleblower who exposed how US government was spying on people all over the world.
Now, the loophole is NGOs has access to this list, so if they can access it so can the government. Right now, there is no clarity on this but if any of this is true then it is extremely dangerous. Out of 50000 numbers only 67 number were forensically tested of which only 23 were successfully infected. While 14 numbers were attempted penetration.
What is Attempted Penetration?
Attempted Penetration is where you receive a link on your message or mail and through that link the virus is infected in the device.
Another Loophole with this is this attack can only be done on Apple and not on Android as android does not store these information.
Also if you have a device which was attacked earlier and now you changed it then this information cannot be tracked. In India, forensic analysis was done on 22 phone of which 10 were targeted with Pegasus and 7 were successfully infected. Even if the number of attacks are less but the violation in anyone’s privacy will be dangerous for everyone. So end of the day the media houses accept that just because your number is in a list does not mean you were attacked by Pegasus.
NSO has confirmed that every year they perform this activity on 5000 numbers and the numbers that were reported was 50000. Pegasus is a costly spyware. You just cant buy it once and then install it on multiple devices. It works on per device per license basis. The cost of Pegasus to get installed in 10 iPhone is $650,000. Along with this $500,000 installation charges. If all these 50000 numbers were attacked then the revenue made by NSO should be 57 billion dollars. But in 2020 they made only 243 million dollars.
Does India has Pegasus?
In 2019, WhatsApp reported 1400 Pegasus attack out of which 20 were Indian numbers. India’s Home Ministry has denied the use of Pegasus spyware. So, right now its just an allegation on Indian government there is no proof to prove this. Pegasus is a strong tool which should only be used in terror attacks or national security.