Tag Archives: spying

Why is Pegasus a threat to our privacy

Reading Time: 4 minutes

The so-called ‘Pegasus’ spyware first made headlines in 2016; however, the public was not fully aware of how severe a danger it poses to civil liberties until last year, when it was revealed that the programme had been used to spy on and steal data from thousands of independent journalists and activists in dozens of countries. Last week, as a consequence of the US blacklisting the company that created Pegasus, Apple sued NSO Group for breaching the privacy of users of Apple products. Apple also decided to notify, via e-mail or SMS, every user who may have been a victim. It is clear that this type of spyware is very dangerous to our privacy and our liberty. Before I elaborate on that, here are some facts about Pegasus.

What is Pegasus?

Pegasus is spyware developed by the Israeli company NSO Group and is used mainly to target mobile phones. The company claims that the product is sold only to authorised governments in order to crack down on organised crime such as human trafficking or to prevent terrorist attacks, all in the name of public safety (source: official site of NSO Group).

However, it is known that in many cases it is the opposition, or journalists criticising the government, who are under surveillance. It is suspected that even Amazon’s Jeff Bezos and French president Emmanuel Macron may have fallen victim to the company’s infamous spyware. Some of the clients are also authoritarian regimes which, while having disdain for human rights, most probably will not be held accountable for the surveillance.

How does it work and why is it particularly dangerous?

Most countries have secret services which gather our private data without consent, and on the spyware market there are many products which serve the same goal. However, the key reason why Pegasus is particularly dangerous is its methods of infecting devices.

The primary targets of Pegasus are mobile phones. The vast majority of mobile phones run either Android or iOS. There is no operating system which will prevent your phone from getting hacked, but there are differences between the systems which make your device safer or less safe. One of the key factors in that matter is frequent software updates. If patches and bugfixes come out rarely and with a delay, then it is much easier to exploit vulnerabilities in the device’s security, as they won’t be patched anytime soon, which is unfortunately the case with Android. The only phones which receive iOS firmware updates are iPhones, which are made by the same company, Apple. Android, however, can easily be modified by manufacturers, who tend to install their own User Interface (UI). In this case, that is a disadvantage, because before each update is made available, the new version of the firmware needs to be integrated with the manufacturer’s UI, which prolongs the whole process dramatically. In addition, devices with Android tend to receive fewer OS updates before the end of support than iPhones.

Pegasus can infect a device via several different paths. The most obvious and plain one is sending an SMS to the victim’s phone with a link which, when clicked, hacks the device. It doesn’t sound like anything special, but if that approach fails, the operator may attempt to take control of the target by another, more dangerous method.

The spyware’s operator may use an exploit in the device’s security to send a message which hacks it without the victim’s involvement. The software then roots/jailbreaks the target, gaining control over the victim’s photos, messages and e-mails, and also gaining the ability to listen in on the victim’s calls or whatever is spoken near the device’s microphone. When a device is compromised, the victim completely loses their privacy, because the potential amount of data which can be stolen is tremendous. Until very recently, most people under surveillance by this program had no idea that they might have been spied on. If the operator finds out that the victim might know about the breach, they may remotely delete the program from the device.

Closing Thoughts

The program poses a direct threat to any user under its ‘supervision’. The spyware’s operator gains even our most intimate data, which makes it easy to blackmail the victim or their family. Also, the very fact that even information we have already shared is vulnerable to the breach can be used to our great disadvantage, as all our aims and plans that were sent to someone are revealed to Pegasus’s client in real time. If a prominent government dissident writes to someone about a plan to, for example, enter a foreign embassy or consulate, the secret services may trap them and prevent them from reaching the place if they know of the plan.

It is suspected that a Saudi dissident, Jamal Khashoggi, was spied on by Pegasus for a few months preceding his assassination in the Saudi consulate in Istanbul. Closer to home, in Poland, a prosecutor who investigated whether the government’s actions preceding last year’s presidential election were legal received on her iPhone a message from Apple that she had most probably been spied on, on the basis of her actions as a prosecutor.

Fortunately, not everyone may become a victim of this vicious spyware. In order to use Pegasus on someone, a client (most of the time a country’s government) needs to buy a licence, which is very costly (as much as $650,000 for spying on 10 iPhones). Buying an additional licence for 100 devices costs approximately $800,000. System maintenance draws 17% of the price each year it is being used. This limits its use to key targets. If you are not an important activist or dissident, or one of the wealthiest entrepreneurs in your country, you probably are not a target of Pegasus.

However, be aware that no one in developed countries is safe from surveillance. What you should do, regardless of whether you may be a victim of Pegasus or not, is take the necessary precautions: keep your device updated, use strong passwords and other safety measures, and avoid suspicious links or networks in order to protect your privacy.

Sources:

https://en.wikipedia.org/wiki/Jamal_Khashoggi

https://en.wikipedia.org/wiki/Pegasus_(spyware)#Use_of_spyware

https://pl.wikipedia.org/wiki/Pegasus_(oprogramowanie_szpieguj%C4%85ce)

https://www.nsogroup.com/about-us/

https://www.theguardian.com/us-news/2021/nov/03/nso-group-pegasus-spyware-us-blacklist

https://www.ft.com/content/7cc83668-1bbe-40f9-b457-34e2a2f88e1a

https://www.ft.com/content/898e14b1-a4e1-4443-8d9a-8b5ff5238396

https://tvn24.pl/polska/pegasus-prokurator-ewa-wrzosek-przekazano-mi-ze-bylam-poddana-dzialaniu-pegasusa-zawiadomienie-o-przestepstwie-5502315

https://theconversation.com/what-is-pegasus-a-cybersecurity-expert-explains-how-the-spyware-invades-phones-and-what-it-does-when-it-gets-in-165382

https://www.scientificamerican.com/article/what-is-pegasus-how-surveillance-spyware-invades-phones/

https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/

https://www.moneycontrol.com/news/india/find-out-the-cost-of-putting-pegasus-into-a-smartphone-for-spying-7200991.html

https://www.bbc.com/news/business-59393823


Stalkerware – what is this?

Reading Time: 2 minutes

Stalkerware “is monitoring software or spyware that is used for stalking”.

What does it mean?
It means that anyone can have this kind of app and see what someone else is doing. It gives access to someone’s back and front cameras, location, voice recordings, and screen.

How does it work?
The only thing needed to gain access to someone else’s life is for the special app to be downloaded from a special website onto the victim’s phone.

As we can see from the graph, the number of stalkerware apps detected by Kaspersky Security increased by almost half in 7 months.

The largest number of users of this kind of application was in Russia, with India in second place and Brazil in third.

According to Kaspersky’s research, the most frequently detected stalkerware apps were MobileTool, iSpyoo, and Talklog.

What can show us that we are being spied on?
If you see any unusual activity on your device, there might be something going on. Don’t click on any links, so as not to be hacked or spied on.

How can we protect ourselves from an unwanted app?
1) Don’t leave your phone unsupervised.
That way, no one can download a spyware app onto your device.
2) Don’t use your thumbprint to unlock your phone or laptop.
The less the technology knows about you, the safer you are.
3) Download security software.
It may help detect unwanted activity and remove it.


References:

  • https://www.bbc.com/news/av/technology-50175538/using-stalkerware-to-spy-on-a-colleague-s-phone?intlink_from_url=https%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology&link_location=live-reporting-map
  • https://securelist.com/the-state-of-stalkerware-in-2019/93634/
  • https://securelist.com/beware-of-stalkerware/90264/
  • https://en.wikipedia.org/wiki/Stalkerware
  • https://www.zdnet.com/article/the-ultimate-guide-to-finding-and-killing-spyware-and-stalkerware/


Facebook pays teens to install an app that spies on them

Reading Time: 2 minutes

Once again Facebook finds itself in a position no company should end up in. It was reported that Facebook has been secretly paying teenagers and adults to install a VPN app that allows it to collect all the data on how they use their smartphones.

“Project Atlas”

It all began in 2016 with the so-called “Facebook Research” app, where some users were paid $20 a month for permission to gather all kinds of data from their device. It enabled Facebook to view web searches, location information, private messages on social media apps, and many other activities. What is more, Facebook even asked users to screenshot their Amazon order history page. To mask its involvement, the program is said to be administered through beta-testing services like Applause, BetaBound and uTest and is referred to as “Project Atlas”.

Violation of policies

The app was also available on iOS; however, since it could decrypt and analyse users’ phone activity, it was a violation of Apple’s policy. After the report on the app, Facebook stated that it would shut down the iOS version. In this case, Apple was quicker and had already blocked “Facebook Research” on its platform.

“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.” – statement from Apple spokesperson

Not a bright future

Facebook has had a rough couple of years, especially after it was revealed that the data of 87 million users had been improperly shared with the political consultancy Cambridge Analytica. It is also scandalous that ads for this app that ran on Instagram and Snapchat specifically asked for participants aged 13 to 17. Who knows what we will find out in the future, but if you have any thoughts on what else might be wrong with Facebook, feel free to share them in the comments.


Sources:

  1. https://www.marketplace.org/2019/01/30/tech/facebook-has-been-paying-teens-data-what-does-mean-calls-regulate-company
  2. https://techcrunch.com/2019/01/29/facebook-project-atlas/
  3. https://www.vox.com/the-goods/2019/1/30/18203803/facebook-research-vpn-minors-data-access-apple
  4. https://www.theinquirer.net/inquirer/news/3070119/facebook-has-been-paying-teens-for-unfettered-access-to-their-data
  5. https://www.techzim.co.zw/2019/01/facebook-was-paying-teens-20-month-for-all-of-their-data/
