Pegasus is software developed by NSO Group, an Israeli company specializing in computer security. This tool is intended to extract all the information from any mobile device. It seems that this tool is directly developed for devices with the iOS operating system, come on, for Apple smartphones.
How does this Pegasus spyware work?
The first thing we should know is that it is a type of software zero click. Surely you don’t know what this means, well, it’s as simple as it is not necessary for the user to interact with this software to infect the device.
Malware is usually injected through a link that takes us to a site where the malicious software is stored. It can also be “stuck” to a file, such as a photo or document. But in this case, it’s nothing like that, it’s just injected and that’s it.
This tool infects systems via iMessage and WhatsApp apps. It has been developed to sneak through these tools because they are used by most users. As they are common tools, a greater number of users can be reached.
Pegasus is not the problem on PC
Everything points to no. It seems that this Spyware Pegasus is specifically developed for iOSthe operating system of the apple smartphones. These tools, in many cases, are developed to take advantage of certain vulnerabilities. It seems that Pegasus takes advantage of a series of vulnerabilities present since iOS 7.
While we are not affected by Pegasus, there is much more malware out there. Windows is also not an impregnable operating system, moreover, there is no such thing as an operating system without vulnerabilities.
For example, there is the spyware source, a malware that has more or less the same goal as Pegasus. Such software has already been detected in Spain and can affect computers with Windows operating system. It is estimated that this tool has already been used to spy on more than 100 different personalities.
An interesting thing about Sourgum is that it has been developed by Candiru, an Israeli cybersecurity company (yes, like the developer of Pegasus). This company develops espionage software tools that it sells to different governments.
How can I protect myself from these spyware?
At first, there is no concrete way to protect ourselves, since they are tools that do not need us to “activate” them. The only way is for Microsoft and Apple to release security updates that fix the vulnerabilities. For this reason it is important to update the device when updates are reported to us.
Nor should we become paranoid about these tools, since the average user is not the target audience. They are tools designed to spy on politicians, journalists, activists or political dissidents, among others.
But we are not without risk, there are significant security risks out there. Phishing attempts, malicious emails that want to steal different credentials, fraud attempts, etc. We must be aware that there are attempts to cheat and that we must access verified and reliable sites.
The National Police usually reports on different types of tricks against the user that seek to steal their credentials. We just have to be careful and avoid accessing strange websites and be wary of emails with a strange sender or SMS from banks or services with shortened links.