A powerful surveillance tool, which is licensed only to governments was leveraged to invade the mobile phones of at least 7 individuals in the country. This surveillance tool was active on some of their devices. The hacks were confirmed by forensic analysis of the phones.
While 1000’s of Indian phone numbers that were listed included few selected for surveillance by NSO Group, the list had numbers of Rahul Gandhi, Ashok Lavasa and Hari Menon. The list also included numbers of journalists, senior officials, activists, business executives, opposition politicians to mention a few.
The spyware which invaded 7 of the analyzed phones is Pegasus - a product of the Israeli firm - NSO Group. While Pegasus secretly unlocks the contents of any target’s mobile phone and changes it into a listening device, it mainly follows 3 steps such as Target, Infect and Track. NSO stated that it licenses Pegasus mainly to government agencies in order to combat terrorism and few other serious crimes.
Relaying the stolen information to advertisers & external users
Spyware/malware – a kind of malicious software when installed on a computing device without the end-user knowing it, not only invades the device, steals sensitive information but also relays the stolen information to advertisers, external users or data firms. Any software that is downloaded without the authorization of the user comes under the spyware category. The reason why spyware is controversial is due to its capability of violating the end-users privacy and it also possesses the potential to be abused.
Spyware a common threat to internet users monitors the user’s internet activities, tracks their login credentials and spies on sensitive details once it is installed. However, its main focus is to acquire details related to financial transactions such as banking details and passwords, credit card numbers, etc. In addition to these, spyware can also be installed in order to track an individual’s location address and this can be carried out easily with stalkerware.
Detecting Malware
Although, detecting if spyware is installed on your device is not so easy, most often, the first sign through which a user can realize that his/her computing device has spyware installed on it is by observing a remarkable reduction in either the network speed or processor speed. And, in the case of mobile phones, it can be identified through a significant reduction in battery life and data usage. Some of the common examples of spyware include CoolWebSearch, DarkHotel, Emotet, Gator, TIBS Dialer and Zlob.
How does spyware/malware work?
Spyware can be easily installed onto a user’s device without the individual knowing about it. This can be carried out through app installation packages, malicious websites and mainly file attachments. In its least harmful form, spyware dwells as an application that starts running the moment the device is switched on and it keeps running in the background.
Spyware steals RAM along with processor power and would generate an unnecessary number of pop-up ads, and slows down the web browser till it becomes unstable. The other harmful consequence of spyware on your device is that it can secretly make changes to the device’s firewall settings. And reconfigures the security setting in order to let in more spyware. Examples of different types of spyware include Adware, Cookies, Keyboard loggers, Hardware keyloggers, Trojans, and Mobile spyware.
Malware Prevention/Elimination
However, there are numerous ways to prevent spyware. Some of these include Downloading software only from trusted sources, going through all the disclosures before installing any software, not interacting with pop-up ads, updating the latest versions of OS & application software, neither accessing e-mail attachments nor clicking links sent by unknown mailers, etc. Malware can also be removed or prevented through the installation of antispyware tools. A few of them include Malwarebytes, Trend Micro HouseCall, and Windows Defender. NSO Group blocks some governments from using Pegasus.
NSO Group – the Israeli technology firm offering spyware has blocked several government clients across the globe from using its technology since the company is in the process of investigating their possible misuse, stated an employee of the company to NPR on 29th of July. The suspensions are mainly in response to an investigation done by the Pegasus Project. NSO Group has been under scrutiny due to these reports and says that access to its technology has been suspended for some clients’.
"There is an investigation into some clients. Some of those clients have been temporarily suspended," said the source in the company, who spoke to NPR on condition of anonymity because company policy states that NSO "will no longer be responding to media inquiries on this matter and it will not play along with the vicious and slanderous campaign."
Shmuel Sunray, the general counsel to NSO Group, stated that the intense scrutiny the company is facing was unfair taking into consideration the company’s own vetting efforts. "What we are doing is, what I think today is, the best standard that can be done," Sunray told NPR.
"We're on the one hand, I think, the world leaders in our human rights compliance, and on the other hand we're the poster child of human rights abuse."
To conclude, we are no longer arguing on the right of the state to violate our own rights to privacy, as these revelations reveal that we have now entered in a new and uncomfortable reality where everyone is moving towards a world where spyware are sold on open market.
