2 min read

US Govt Warns Citizens About Pegasus Spyware – Without Saying ‘Pegasus’

Filip TRUȚĂ

January 11, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
US Govt Warns Citizens About Pegasus Spyware – Without Saying ‘Pegasus’

The US National Counterintelligence and Security Center (NCSC) and the Department of State have issued a joint alert warning citizens of zero-click malware that can “access and retrieve virtually all content on a phone.” The advisory doesn’t name any specific malware, but it checks all the boxes that describe NSO Group’s infamous Pegasus spyware.

The alert, titled Protect Yourself: Commercial Surveillance Tools, informs the public that “companies and individuals have been selling commercial surveillance tools to governments and other entities that have used them for malicious purposes.”

“Journalists, dissidents, and other persons around the world have been targeted and tracked using these tools, which allow malign actors to infect mobile and internet-connected devices with malware over both WiFi and cellular data connections,” the alert says.

“In some cases, malign actors can infect a targeted device with no action from the device owner,” the advisory continues, likely referencing the zero-click capabilities of Pegasus spyware, which Google researchers have described as a weapon against which there is no defense.

“In others, they can use an infected link to gain access to a device,” the advisory adds.

According to the alert, the cyber-weapons in question can:

• Record audio, including phone calls

• Track a phone’s location

• Access virtually all content on a phone, including text messages, files, chats, commercial messaging app content, contacts and browsing history

The warning comes shortly after Reuters reported that the iPhones of at least nine US State Department employees had been allegedly infected with Pegasus spyware.

In early December 2021, multiple sources told the news agency that the hacks hit US officials either based in Uganda or focused on matters concerning the East African country. The intrusions were said to be the widest known hacks of US officials through NSO Group’s Pegasus spyware.

In late December, researchers from The Citizen Lab – the original ‘whistleblowers’ of Pegasus – reported that threat actors deployed a zero-day attack against iOS 13.5.1 and likely had access to the iPhones of 36 people at Al Jazeera.

Supporting these findings, iPhone maker Apple in November made a crucial first move against NSO Group, hitting the Israeli spyware maker with a lawsuit alleging that Pegasus has enabled extensive state-sponsored hacking of its devices. At the time, Apple also announced plans to hand out $10 million to infosec partners to help fight cyber surveillance abuses.

The US has blacklisted NSO, forbidding it from selling technology in the US and preventing it from acquiring US technology, such as Apple devices.

The NCSC bulletin offers a list of common cybersecurity practices that may mitigate some risks associated with cyber-surveillance tools. Some of it sounds like overkill for regular Joes and Janes, such as covering device cameras, but many of the precautions make for good cybersecurity hygiene – even if you have no reason to believe you’re a target.

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Researchers Find Thousands of Websites that Record Everything You Type Researchers Find Thousands of Websites that Record Everything You Type
Radu CRAHMALIUC

May 16, 2022

2 min read
Ukrainian Citizen Sentenced to Prison for Brute-Forcing Credentials and Selling them Online Ukrainian Citizen Sentenced to Prison for Brute-Forcing Credentials and Selling them Online
Silviu STAHIE

May 13, 2022

2 min read
Mozilla Says Many Health and Prayer Apps Are Pose Security Risks Mozilla Says Many Health and Prayer Apps Are Pose Security Risks
Silviu STAHIE

May 09, 2022

2 min read