Pegasus spyware from the NSO Group has made it to the global mainstream media, thanks to it being at the core of a major surveillance campaign reported by 17 media organizations led by the Paris-based group, Forbidden Stories and Amnesty International.
Per reports, 50,000 phone numbers, primarily belonging to journalists, government officials, and human rights activists across the globe, were put under surveillance, violating the basic human right of privacy.
The Global Spyware Market Index Report from Top10VPN.com revealed some startling statistics:
- 74 countries have bought and/or used invasive spyware technology since 2015.
- Spyware firms: 86% are based in countries considered full or flawed democracies by the EIU.
- Suspected customers: 55% are authoritarian or hybrid regimes, with only 7% considered full democracies.
- FinFisher has the most reported state customers (34), followed by Circles (25), and NSO Group (23).
Responding to the imminent attack, MicroWorld Technologies, a security solution provider with a specialization in cybersecurity, emphasized that their Mobile Security solution is capable of detecting and blocking Pegasus spyware along with similar digital threats.
MicroWorld Technologies houses two brands under its banner namely eScan and Nemasis.
Speaking exclusively with CISO MAG about detecting spyware, Govind Rammurthy, MD and CEO of MicroWorld Technologies Inc., said, “The Pegasus attack, which the world has recently encountered uses a zero-click method and surely has been difficult to track if one doesn’t know the existing vulnerabilities in their devices. The new upgrade to Pegasus has been designed to bypass the need for any kind of social engineering tactic. However, with time and experience, we have been able to detect current infections and block the spyware.”
The spyware has evolved with time, and unlike its earlier versions that used the spear phishing technique, Pegasus is capable of exploiting bugs in iMessage, allowing it to gain access to millions of iPhones through a backdoor.
Rammurthy further articulated, “Pegasus is a spyware-equipped remote access tool (RAT). The spyware can monitor the user’s activities remotely using the phone’s microphone and camera, as well as take screenshots and record keystrokes. This infection is treated like any other spyware by eScan’s Mobile Security for Android and the action is taken accordingly on it. In case of any active or dormant version of Pegasus is identified while scanning, a warning is triggered on the device by our mobile security application, keeping the user safe from unauthorized surveillance.”
eScan’s mobile security application for Android and Apple devices detects any dormant and active strains of the spyware that is present within the storage space of the device.
Globally governments and authorities are working toward banning spyware and working on policies to prevent these surveillance attacks. With more incidents coming to the fore and awareness being created, significant activity is being reported globally, questioning the misuse of spyware.
Rammurthy, condemns this campaign saying, “In this digital age, data and privacy are of highest importance. Any form of interception of communication is illicit in nature and strict action should be taken against the perpetrators of this campaign. At the same time, the masses should collectively educate themselves on how to spot the signs of such a pernicious campaign and use cybersecurity solutions that can actively thwart the advances of such spyware.”
Shweta Thakare, Vice President – Global Sales and Marketing of MicroWorld Technologies Inc., adds, “We severely castigate the Pegasus campaign that has come to light. It not only violates the freedom of the press but also the basic human rights of the citizens of the free world. Our research and development teams have worked relentlessly to provide a solution for this digital atrocity and we are happy to announce that our cybersecurity solution for mobiles, irrespective of the platform can detect and mitigate this threat with ease.”
MicroWorld concluded that keeping the evolving threat landscape in mind, its team is currently working on adding more upgrades through which the application would be able to proactively detect any security flaws within the device and plug it before a threat actor could capitalize on it. Consequently, both the present and the future are in secure hands.