The privacy and security of the internet and smartphone users’ data have been a hot topic for ages, with many angles to the issue. Recently a shocking revelation by The Citizen Lab researchers has stirred the pot for privacy advocates. The Citizen Lab, which is affiliated with the University of Toronto, has revealed that they have found the iPhones of over a dozen journalists were hacked with Pegasus spyware that operates silently without any visible trace.
The Lab found evidence of a spyware attack targeted towards the journalists and producers of Al Jazeera based in London. They have found that their iPhones were compromised using a so-called “zero-click” spyware that encountered its way to the victim’s phone through iMessage. It doesn’t have to use malicious links opened by the users to compromise the phone. It works invisibly without any trace.
How Pegasus was used to spy on victims
Tamer Almisshal, a journalist, working at Al Jazeera, suspects that his phone may have been compromised, so he approached the University of Toronto’s internet watchdog, Citizen Lab, to look into this matter. After a thorough investigation, they found that Pegasus’s spyware is responsible for infecting the victims’ iPhones. It’s developed by NSO Group based in Israel.
The researchers studied the iPhone of Almisshal, and they found that NSO installed the Pegasus spyware in his iPhone from July to August by connecting it to their servers. They found that the spyware was installed through iMessage. They suspect that spyware can track victims’ call logs, record calls and other conversations through the mic, take photos, passwords saved, and real-time location.
Who is behind Pegasus Spyware attack?
The Lab says the operation was carried out by customers of NSO: Governments of Saudi Arabia and the United Arab Emirates. However, the spyware firm has tried to distance itself from the allegations of hacking, and it has said that it doesn’t decide who its customers decide to target. The infamous Jamal Khashoggi murder case revealed that the Saudi government had used spyware to spy on him.
NSO is known to sell the Pegasus spyware to various governments by providing the infrastructure to hack the targets. Another journalist Dridi, of London’s television station Al Araby, was targeted by a zero-click attack. He’s likely the target of the UAE government.
The researchers say that Dridi uses an iPhone XS Max that was hacked from October 2019 to July 2020. They think that there has been an increase in cases of espionage against news journalists and activists. The likes of zero-click attacks make it harder but not impossible to detect the compromisation of a victim’s phone.
After discovering that they found NSO using zero-click to infect more than a thousand WhatsApp users for installing Pegasus spyware, the security patches were deployed to stop the further attacks. Still, it was revealed that the governments spied on over a hundred journalists and activists.
This fiasco furthers the need to put the tech companies and governments under major scrutiny for protecting citizens’ well-being and privacy. The question is, who will do it and how. What’s your opinion on this fiasco? What would you do if you were subject to surveillance? Tell us in the comments. Follow us for more tech stuff.