After the Israeli company NSO Group developed the Pegasus spyware, users of WhatsApp have now become the targets of another spyware, this time created by the Israeli firm Paragon. In the previous instance, multiple entities acquired Pegasus, originally designed for government surveillance, to spy on WhatsApp users. However, in this new case, Paragon, the software company, is facing the accusations.

WhatsApp has uncovered evidence that at least 90 individuals from over 50 countries were targeted by the Graphite malicious software for surveillance purposes. As a result, WhatsApp, a subsidiary of Meta, has sent a “Cease and Desist” letter to Paragon, warning the company of the legal consequences they may face for engaging in unlawful cyber activities.

The letter describes the Graphite Spyware as a tool used for espionage without the victim’s consent, primarily designed to collect sensitive information such as messages, calls, contacts, photos, videos, and in some cases, banking details. This stolen data is then transmitted to remote servers for further use.

Paragon, which claims to develop ethically responsible tools on its website, has also received a similar letter with legal obligations sent to law enforcement agencies and Citizen Lab, an organization dedicated to protecting human rights online.

In 2021-2022, Meta also fought a legal battle with NSO Group for selling its Pegasus spyware to third parties who used it to target over 1,400 WhatsApp users in 2019. This list of victims included Amazon’s CEO Jeff Bezos, whose extramarital affair was exposed through the spyware. After thorough investigation, Meta confirmed the allegations, leading to a halt of NSO’s operations in the United States.

Now, Paragon may face a similar outcome. With the evidence collected by WhatsApp, the surveillance tool maker appears to be guilty of the accusations.

If this issue escalates to the White House and attracts significant attention, Paragon may also lose its contract with U.S. Immigration and Customs Enforcement (ICE), a deal worth $2 million or more.

The post WhatsApp users targeted by Paragon Spyware appeared first on Cybersecurity Insiders.

Over the past few years, we’ve witnessed a series of alarming reports about the infamous Pegasus spyware, developed by Israeli cyber intelligence firm NSO Group. The spyware has been at the center of numerous scandals, notably involving high-profile targets such as Amazon founder Jeff Bezos. In one such incident, a Saudi Arabian prince, in collaboration with remote hackers, allegedly used Pegasus to infect Bezos’ phone. The attackers were then able to monitor Bezos’ private communications, including sensitive personal information about his relationship with Lauren Sanchez, his current girlfriend. This high-profile case was just the tip of the iceberg, as it soon became clear that Pegasus had been used in numerous other breaches of privacy, affecting both public figures and ordinary citizens.

A recent study by iVerify, a mobile security research company, reveals that the scope of the Pegasus spyware’s reach is far more extensive and troubling than initially suspected. According to the study, researchers have identified five new variants of Pegasus targeting iPhones and Android devices, impacting not just celebrities, politicians, or activists, but also ordinary individuals. The research underscores a growing concern: this type of malware is no longer just a tool for high-level surveillance but is becoming a pervasive threat to everyday users, regardless of their social status or prominence.

The Findings of iVerify: A Shocking Discovery

iVerify’s investigation, based on data collected through its Mobile Threat Hunting feature, indicates that these new strains of Pegasus are circulating widely. Since its launch in May, the Mobile Threat Hunting tool has been used to detect malicious software designed to infiltrate mobile devices, stealing highly sensitive personal data such as photos, videos, call logs, messages, and even location information. According to the findings, Pegasus is now more prevalent than ever—despite the growing awareness of its existence and the heightened scrutiny on spyware in general.

One of the most concerning revelations from iVerify’s research is that these new Pegasus variants are persisting undetected on public phones, despite the existence of anti-malware software and security solutions. This points to a serious gap in the ability of conventional security tools to identify and neutralize sophisticated spyware like Pegasus. The malicious software has been quietly infiltrating phones, collecting personal data, and evading the detection of most conventional anti-malware solutions.

The Evolution of Pegasus: From Law Enforcement Tool to a Global Surveillance Weapon

Initially, NSO Group developed the Pegasus spyware as a tool for law enforcement and intelligence agencies, aimed at tracking criminal activity and terrorists. Until 2018, it was marketed as a legitimate surveillance solution for government agencies around the world. However, the company’s business model shifted in the following years. NSO began offering the spyware to private clients, which led to widespread abuse and the targeting of journalists, activists, and political figures.

The shift in the business strategy, coupled with the growing availability of cracked versions, has turned Pegasus into a global surveillance weapon. The spyware is now available on various dark web platforms, and in some cases, it is even being distributed through third-party websites, particularly those hosted in China, where the software is sometimes made available in modified or cracked forms. These versions are now being used by unauthorized individuals and groups to infiltrate phones for a variety of illicit purposes, including corporate espionage, blackmail, and even political surveillance.

The Legal and Ethical Implications of Spyware

The use of spyware to infiltrate someone’s personal device without their consent is illegal in most parts of the world, and rightly so. Unauthorized surveillance, especially when it involves accessing private information, constitutes a serious violation of privacy rights. Whether the target is a private citizen or a public figure, the act of spying on an individual without their knowledge or consent is a crime in nearly all jurisdictions. The growing accessibility of tools like Pegasus raises significant concerns about personal freedoms, digital security, and the ethical boundaries of surveillance.

Given the widespread and largely unregulated availability of spyware tools, there is a growing call for stricter international regulations governing their use. Governments around the world are grappling with how to address the issue of digital espionage and unauthorized surveillance. While some countries have introduced legislative measures to protect citizens from spyware, the pace of technological advancement continues to outstrip regulatory efforts, leaving millions of people vulnerable to these kinds of attacks.

iVerify’s Ongoing Investigation

As of now, iVerify has not been able to trace the exact identities of those behind the release of these new variants of Pegasus. The company has discovered the malware on seven devices out of 1000 examined so far, and they are continuing to investigate the full scope of the attack. iVerify plans to issue an update on their findings as more information becomes available. In the meantime, the growing presence of Pegasus highlights the urgent need for increased awareness and vigilance among mobile users.

The study serves as a stark reminder that no one, not even the most ordinary of individuals, is immune to the risks of digital surveillance. As mobile devices become an integral part of our daily lives, we must remain vigilant and prioritize the protection of our personal data against increasingly sophisticated threats like Pegasus.

Conclusion: The Threat is Real, and it’s Growing

The disturbing findings from iVerify’s research signal a troubling trend in the evolution of digital surveillance. What was once a tool for law enforcement agencies has now become a widespread and easily accessible instrument of privacy invasion. As the threat of Pegasus continues to grow, it is crucial for both individuals and organizations to be proactive in securing their mobile devices and to remain vigilant about potential threats. The battle against digital espionage is far from over, and as Pegasus evolves, so too must our defenses.


ICO and UK NCA Collaborate to Support Cyber Attack Victims

The Information Commissioner’s Office (ICO) and the UK’s National Crime Agency (NCA) have entered into a Memorandum of Understanding (MOU) to enhance support for victims of cyberattacks. Under this agreement, victims of cyberattacks and ransomware will receive comprehensive assistance from government agencies, aiming to reduce risks associated with data breaches and digital threats. Both organizations will work together, sharing information about incidents while ensuring that victim data remains confidential and is not shared without consent. The agencies will also address the impact of attacks using scientific methods and professional support to mitigate risks.

RansomHub Ransomware Targets Planned Parenthood

RansomHub, a ransomware group possibly funded by Russian intelligence, has threatened Planned Parenthood, a non-profit organization focused on reproductive health, with a demand for $30 million. The group, previously linked to BlackCat (also known as ALPHV), has claimed it will sell the stolen data if their demands are not met. They have reportedly already put 1GB of the stolen data up for sale, applying pressure on the organization with a deadline approaching this weekend.

Cosmic Beetle Deploys SCRansom Ransomware

The Cosmic Beetle threat group, associated with the Kremlin, has begun deploying SCRansom ransomware targeting small and medium-sized businesses across Europe, Asia, Africa, South America, and parts of the Middle East. The ransomware primarily affects sectors including manufacturing, legal, education, healthcare, and technology, with recent attacks also impacting finance and hospitality businesses. Cosmic Beetle, an affiliate of RansomHub, is using a toolkit named Spacecolon to spread the Scarab Ransomware globally.

Poland Blocks Pegasus Spyware Investigation

NSO Group, the developer of the Pegasus surveillance software, has faced controversy for selling the software to private individuals who used it for unauthorized spying. Following its global misuse, several countries, including the U.S., Australia, India, Germany, and Poland, imposed bans on the software and launched investigations into the misuse. However, Poland’s special Parliamentary Commission has blocked the investigation, citing its unconstitutionality. Magdalena Sroka, head of the Pegasus Probe Commission, has condemned the ban, accusing it of being politically motivated by the previous government.


CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group. Read more in my article on the Tripwire State of Security blog.

The Spanish Government has released a press statement confirming Pegasus malware on the smartphones of Spanish Prime Minister (PM) Pedro Sanchez and the region’s Defense Minister, Margarita Robles.

Pegasus is spying software that, when installed on a device, sends information about the calls, messages, phones, videos and all other device-related information to remote servers or to those who installed the surveillance tool on the victim’s mobile.

Pedro Sanchez’s secretary acknowledged the incident and added that the phone of the PM was targeted between May and June 2021 and the defense minister’s device was victimized in June the same year.

Spain’s Criminal Court, Audiencia Nacional, has taken the incident seriously and has launched a probe to track down the culprits behind the incidents.

A few media outlets in Spain report the incident as an act of an insider, i.e. one carried out by people close to the PM’s chair or those working for the opposition.

The United States banned NSO Group, which developed the Pegasus surveillance software, last year. The company developed the software to offer governments across the world a way to spy on people posing a risk to national security.

However, as we all know, the software reached the hands of some fickle minds, who used it to spy on politicians, sportspersons, celebrities and socialites across the world.

Canada also imposed a ban on the use of the Pegasus software after it found 65 people linked to the Catalan separatist movement targeted by a nation-funded hacking group.

 
