PEGASUS – MALICIOUS SOFTWARE

Recently, it has been reported that Pegasus, the malicious software, has allegedly been used to secretly monitor and spy on an extensive host of public figures in India.

Important points:

  • It is a type of malicious software or malware classified as a spyware.
  • It is designed to gain access to devices, without the knowledge of users, and gather personal information and relay it back to whoever it is that is using the software to spy.
  • Pegasus has been developed by the Israeli firm NSO Group that was set up in 2010.
  • The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
  • Since then, however, NSO’s attack capabilities have become more advanced. Pegasus infections can be achieved through so-called “zero-click” attacks, which do not require any interaction from the phone’s owner in order to succeed.
  • These will often exploit “zero-day” vulnerabilities, which are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.
  • Human Rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm.
  • Indian ministers, government officials and opposition leaders also figure in the list of people whose phones may have been compromised by the spyware.
  • In 2019, WhatsApp filed a lawsuit in the US court against Israel’s NSO Group, alleging that the firm was incorporating cyber-attacks on the application by infecting mobile devices with malicious software.

Types of Cyber Attacks

  1. Malware: It is short for malicious software, refers to any kind of software that is designed to cause damage to a single computer, server, or computer network. Ransomware, Spy ware, Worms, viruses, and Trojans are all varieties of malware.
  2. Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites.
  3. Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
  4. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
  5. Man-in-the-middle (MitM) attacks: Also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction.
  6. Social Engineering: It is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.

SOURCE: THE HINDU,THE ECONOMIC TIMES ,MINT

About ChinmayaIAS Academy - Current Affairs

Check Also

What to do with spent nuclear fuel?

Syllabus:  Alternate fuel Context: Japan has started releasing treated radioactive water from the beleaguered Fukushima …

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Free Updates to Crack the Exam!
Subscribe to our Newsletter for free daily updates