The following article is reproduced with authorization conversation, An online publication covering the latest research.
End-to-end encryption is a technology that can scramble messages on your phone and decrypt them only on the recipient’s phone, which means that anyone who intercepts the messages cannot read them. Dropbox, Facebook, Google, Microsoft, Twitter and Yahoo are among the companies with its applications and services Use end-to-end encryption.
This kind of encryption helps protect your privacy, but The government doesn’t like Because it makes it difficult for them to monitor people, whether it is tracking criminals and terrorists, or spying on dissidents, protesters, and journalists, as some governments are well-known. Entered an Israeli technology company, National Bureau of Statistics.
The company’s main product is Pegasus, Spyware It can quietly enter the smartphone and access all the content on it, including its camera and microphone. Pegasus aims to penetrate devices running Android, Blackberry, iOS and Symbian operating system And turn them into monitoring devices. The company says it sells Pegasus Only to the government And only used to track criminals and terrorists.
How does this work
Early version of Pegasus By installing on a smartphone Loopholes In commonly used applications or through Spear phishing, Which involves enticing the target user to click a link or open a document that secretly installs the software.It can also be installed wirelessly transceiver Located near the target, or if the agent can steal the target’s phone, manually.
Since 2019, Pegasus users have been able to install the software on their smartphones Missed calls on WhatsApp, You can even delete the record of missed calls, so that the owner of the phone doesn’t know what’s wrong. Another method is to simply send a message to the user’s mobile phone that does not generate a notification.
This means that the latest version of the spyware does not require smartphone users to perform any actions. All that is required for a successful spyware attack and installation is to install a specific vulnerable application or operating system on the device.This is called Zero-click exploit.
After installation, Pegasus can theoretically Harvest any data From the device and transmit it back to the attacker. It can steal photos and videos, recordings, location records, communications, web searches, passwords, call records, and social media posts. It can also activate the camera and microphone for real-time monitoring without the user’s permission or knowledge.
Who has been using Pegasus and why
NSO Group stated that it created Pegasus specifically for the government for counter-terrorism and law enforcement. The company marketed it as a targeted espionage tool for tracking criminals and terrorists, not for mass surveillance. The company does not disclose its customers.
This First reported use Pegasus was tracked by the infamous drug lord Joaquín “El Chapo” Guzmán in 2011 by the Mexican government.According to reports, the tool has also been used Stalker Approaching the murdered Saudi journalist Jamal Khashoggi.
It is unclear who or what type of person the target is and why. However, Most recent reports About Pegasus is centered on a list of 50,000 phone numbers. The list belongs to the NSO Group, but the source of the list is unclear. A statement from Israel’s Amnesty International stated that The list contains phone numbers Those calls that were marked as “interested” by NSO’s various customers, but it is not known whether any number-related calls have actually been tracked.
A media alliance, Pegasus Project, Analyzed the phone numbers on the list and identified more than 1,000 people in more than 50 countries. The findings include people who appear to be exempt from the NSO Group’s investigation of criminal and terrorist activities. These include politicians, government workers, journalists, human rights activists, business executives and members of the Arab royal family.
Other ways you can track your phone
Pegasus’ concealment and seemingly complete ability to control someone’s mobile phone is breathtaking, but it’s not the only way people can monitor with their mobile phone.Some ways to call Can help monitor and destroy privacy Including location tracking, eavesdropping, malicious software And collect data from sensors.
Governments and telephone companies can track transceivers from cellular towers and Unit transceiver simulator like Stingray equipment. Wi-Fi and Bluetooth signals are also available Used to track phone callsIn some cases, applications and web browsers can determine the location of the phone.
Eavesdropping on communications is more difficult to implement than tracking, but it is possible with weak or lack of encryption. Certain types of malware may compromise privacy by accessing data.
The National Security Agency has sought to reach agreements with technology companies under which these companies will grant the agency special access to their products in the following ways: back doorAnd have According to reports, it built its own backdoor. These companies say backdoor Undermine the purpose of end-to-end encryption.
The good news is that based on your identity, you are unlikely to be a target of a government that owns Pegasus. The bad news is that this fact alone does not guarantee your privacy.