After WhatsApp, Pegasus spyware can now steal Apple, Google, Facebook & Microsoft cloud data. Read on to know more about it…
In May this year, a security vulnerability was discovered in WhatsApp which allowed a malware called ‘Pegasus’ to be injected in smartphones. Once a smartphone gets infected, the device can be tracked and the data can be easily stolen. Now that security bug in WhatsApp has been closed but that, apparently, is just the tip of the iceberg.
Pegasus is a powerful tool that can be used for mass surveillance and has been used to target journalists and activists. The Pegasus malware is created by an Israeli company called NSO Group to help various government agencies to spy on suspects via smartphones. NSO Group is now selling Pegasus with features to steal data from Google, Apple and other servers. The Pegasus malware is expensive and costs millions of dollars which mostly governments can afford. This malware is claimed to be only sold to government agencies by NSO Group but there have been instances of misuse as well.
A report by Financial Times now claims that an updated version of Pegasus has been released which is even more powerful and can steal your data stored in servers of Google, Facebook, Microsoft, Amazon and even Apple iCloud. Here is everything you need to know.
Many users rely on cloud storage to save photos, messages, along with other encrypted filed, and according to the Financial Times report, all of that information could be compromised thanks to Pegasus’ new features, if their account were under attack.
In it sales pitch, Pegasus is claiming to harvest data from Apple iCloud, Google Drive, Microsoft and Amazon servers. It does so by copying such authentication keys from infected smartphones in order to impersonate the device. After the authentication keys are copied, another server under the control of the attacker takes control of the smartphone.
The Pegasus malware easily bypasses 2-step authentication without the knowledge of the victim. The new features of Pegasus can access the cloud information without “prompting 2-step verification” or warning the user by via email. Many users have 2-step verification turned on for their Apple, Google and Microsoft accounts and if Pegasus can access the data without any warning, this raises a lot of security risks and also means that at times users might not even realize their data has been compromised.
All Android phones including iPhones are vulnerable to Pegasus. Even if Pegasus has been removed from the smartphone, it can continue accessing that data since it’s not dependent on the spyware being continuously active.
NSO Group sells Pegasus as a weapon and not a cyber security solution. Organizations named in the sales pitch of NSO Group are naturally defensive about the security of their systems and simply say they continue to investigate and watch what happens. However, the NSO Group’s tech supposedly targets Industry-standard authentication which would put more than just Big Tech at risk.
For its part, the NSO Group denies actively campaigning for the use of hacking and mass surveillance of such cloud services but doesn’t exactly deny that it has the technology to do so. And while it advertises itself as a maker of tools to be used by responsible governments to protect themselves, Pegasus has also been found on the phones of activists and journalists and has been traced back to repressive regimes.