The developers of the “Peagsus” software, the NSO Group, originally licensed it to governments to track down terrorists and criminals.
How does it work?
‘Pegasus’ is spyware used to snoop on phones. It has been claimed that even a missed video call on WhatsApp could give Pegasus full access to users’ smartphones.
It allowed the opening of the phones and the operator installing the spyware on the device without the knowledge of the owner.
This resulted in the hacker accessing user data, including passwords, contacts, calendar events, text messages, and even live voice calls from messaging applications.
The 2019 attacks and the WhatsApp complaint
After the 2019 attacks, WhatsApp in its complaint filed in California said that the attack occurred through its video calling feature.
He said Pegasus is capable of surveillance at three levels: initial data extraction, passive monitoring and active collection.
The software was used to hijack smartphones running on the iOS, Android, and BlackBerry operating systems.
“A buffer overflow vulnerability in WhatsApp’s VOIP stack allowed remote code execution through a series of specially crafted RTCP packets sent to a target phone number,” WhatsApp said in its complaint.
The spyware leaves no trace on the device, consumes minimal battery, memory and data consumption, and comes with a self-destruct option that can be used at any time, the complaint added.
However, this is not the first time that misuse of the software has come to light. Similar surveillance activities were also reported in 2019.
More than two dozen Indian Dalit academics, lawyers, journalists and activists are believed to have been targeted during the 2019 attacks.
The surveillance took place in the run-up to the 2019 general elections.