The US Central Intelligence Agency (CIA) used Israeli-made Pegasus software to mislead Iran amid the effort to retrieve the second of two downed US airmen last week. According to a report by the Times of London, the US spy agency used the software developed by Israeli cyber intelligence firm NSO Group, to send messages to the Iranian leadership and Islamic Revolutionary Guard Corps (IRGC) operatives claiming that the downed US airman has been found. The operation was part of a larger mission to rescue one of two US airmen whose aircraft had crashed in Iranian territory amid the ongoing conflict. The rescue marked a rare instance of US aircraft losses inside Iran since the war began on February 28. Notably, Pegasus spyware was reportedly used to hack phones via missed calls on WhatsApp. The meta-owned platform sued NSO Group in 2019. Here’s everything you need to know about Pegasus spyware
What is Pegasus spyware?
As mentioned above, Pegasus spyware has been developed by the Israeli firm, NSO Group. The spyware has been widely used by the CIA to eavesdrop on communications and discreetly harvest data. Developers of the software, the NSO Group licensed it to governments to track terrorists and criminals.
How does Pegasus work?
Pegasus is a type of spyware that can be used to secretly access mobile phones. Reports have claimed that even a missed WhatsApp video call could allow the spyware to enter a user’s device.Once installed, the software can gain control of the phone without the owner’s knowledge. It can then access sensitive information such as passwords, contacts, calendar details, text messages and even live voice calls from messaging apps. The spyware leaves no trace on the device, consumes minimal battery, memory and data consumption and comes with a self-destruct option that can be used any time, the complaint further added.
The 2019 attacks and WhatsApp’s complaint
In 2019, WhatsApp revealed that the platform has been used to target users across the world using the Pegasus spyware. The attack allowed hackers to install the spyware on phones through a missed voice or video call, without the user needing to answer it.WhatsApp said the spyware was then used to target around 1,400 users globally. Those affected reportedly included journalists, human rights activists, lawyers and government officials.After the attacks, the company later filed a lawsuit in the United States against NSO Group, accusing it of exploiting its platform to carry out the attacks. WhatsApp argued that the spyware violated its terms of service and compromised user privacy.
Poll
What do you think should be the primary purpose of spyware like Pegasus?
“A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number,” WhatsApp said in its complaint then.