The World's Most Dangerous Cyber Weapon and The Indian Government - Learn About Pegasus With OSCP Hacker.
Is the Government of India really spying on you?
1. From Where The Name “Pegasus” Came
Pegasus is a mythical winged divine horse, and one of the most recognized creatures in Greek mythology. Usually depicted as pure white, Pegasus is the offspring of the Olympian god Poseidon. He was foaled by the Gorgon Medusa upon her death, when the hero Perseus decapitated her.
Our mainstream media has muddled several concepts and facts, which has confused the general public. Let us understand what the Pegasus spyware is.
Pegasus is a fully fledged, military-grade spyware created to spy on complete operating systems (we are aware of samples for iOS and Android; it may have versions for other operating systems too, which may not have been detected so far). Pegasus is the main spyware of the Israel-based NSO Group (NSO stands for Niv, Shalev and Omri, the names of the company's founders), an organisation that is damned interested in critical zero-day or unpatched vulnerabilities (loopholes in a computer network that are unpatched or unfixed) in operating systems and applications. That being said, it should be obvious that NSO keeps its spyware updated with the latest vulnerabilities it obtains, and in fact that is what has been going on. NSO claims that it provides the spyware to authorised government agencies in a legal way to combat terror and crime, but several times it has been found that its spyware was used by governments to spy on human rights activists, journalists, opposition leaders, military personnel, bureaucrats, intelligence officers, top diplomats, etc.
NOTE: The important thing to understand is that there are many spyware products you can find on the internet (you can purchase and use them, but please use them for parental control or other legal purposes only). What makes Pegasus special is not the spyware itself (of course, all spyware does a similar kind of spying on phones) but rather the vulnerabilities it comes with, which help its installation.
Pegasus is capable of reading text messages, tracking calls, collecting passwords, tracing the location of the phone, accessing the target device's microphone(s) and video camera(s), and gathering information from apps (everything you would expect from a powerful spyware).
2. Pegasus in WhatsApp!
In 2019 WhatsApp had a missed-call vulnerability, CVE-2019-3568: an RCE (remote code execution) in the WhatsApp VoIP stack via crafted RTCP (Real-time Transport Control Protocol) packets sent to the target device. What that means is that someone could force third-party files onto your device just by making a missed call to you on WhatsApp (whether you pick up the call or ignore it, the result is the same, because the voice packets coming to your phone have already pushed the file onto it, or better said, made an attempt to). Facebook Inc. (which owns WhatsApp) did not post many details about this vulnerability, nor were technical details shared. Citizen Lab revealed that the vulnerability was used to install Pegasus spyware on phones (the case they got for testing was a failed one, though, as by then WhatsApp had patched the vulnerability). Also, the missed call will be deleted from the WhatsApp logs.
The vulnerability was used to drop the payload (inject the spyware); for the rest, the spyware would need other vulnerabilities, depending on the OS and its functionality. On iOS, for example, WhatsApp is itself sandboxed just like other apps, so to do things at root level (which it needs in order to spy on applications or get their data) it would need other vulnerabilities. As the Trident vulnerabilities were patched long ago, we can't say how it would have completed its task on iOS in 2019 (it is supposed to work on both iOS and Android). Unlike last time, neither Citizen Lab nor Facebook itself shared technical details, so we can't say much here. Android, too, asks you to manually allow the installation of apps and to grant permissions to an app, so to carry out some sort of automation on Android (installing the app and letting it spy, I mean without letting the victim know what happened in the background) you do need some vulnerabilities to make that happen. Anyway, NSO is known for such things.
Note: We can't tell from the abuse of a WhatsApp vulnerability alone that someone was spied upon (do understand that apps are very limited entities working inside operating systems). To establish what happened at the OS level, we need a forensic examination of those devices.
3. How are your phones tapped by Pegasus?
Pegasus's USP is its capability to invade a phone without a click from the targeted user. Zero-click exploits use bugs in popular apps like iMessage, FaceTime and WhatsApp, which all receive and sort data, sometimes from unknown sources. Once a vulnerability is found, Pegasus can infiltrate a device using the app's protocol. The user does not have to click on a link, read a message or answer a call. They may not even see a missed call or message. Basically, Pegasus can spy on every aspect of the target's life. It is modular malware; after scanning the target's device, Pegasus could listen to encrypted audio streams and read encrypted messages.
4. How does the Pegasus spyware work smartly on a device?
Pegasus works very smartly on a device: it does not leave any footprint on the device, it keeps battery, memory and data consumption minimal, and it has a self-destruct mechanism in case of exposure risk. If the battery level is below a threshold, no data is collected and it waits until the phone is charged; when the phone is roaming, it sends the data to the servers.
5. The Government of India & The Pegasus Spyware
The Government of India (the NDA government led by the BJP) has been blamed by opposition leaders and the international media since last year for spying on opposition leaders, journalists and others, but the Indian Minister of Information Technology, Mr. Ashwini Vaishnaw, denied all the accusations in the Parliament of India and said that the GoI did not use any type of spyware or cyber surveillance software to spy on the citizens and VIPs of the country, and at that time the case cooled down.
Jan 2022: But on Jan. 28, 2022, Ronen Bergman and Mark Mazzetti of The New York Times published an article in the NYT describing the complete case of “How The Governments of The World Buy Pegasus Spyware From NSO” and use it on their own citizens, journalists, military officers, diplomats and top politicians. In that article, Ronen Bergman and Mark Mazzetti say that in 2017 Indian Prime Minister Narendra Modi visited Israel and signed a military weapons deal with Israeli Prime Minister Benjamin Netanyahu, and that India bought Pegasus as part of the defence deal with Israel.
The Indian National Congress (INC), the opposition party of India, again started blaming the Modi government for using the Pegasus spyware after the NYT report was published, and politicians of the ruling party (BJP) are condemning this NYT report, but there has not been any official statement from the Indian Government's Public Information Bureau till now.
6. My Personal Opinion On This Case (Opinion of An OSCP Hacker)
Look, spying on enemies and on the citizens of your own country is not a new concept; it is very old. Governments of various states spy on the citizens of their own country, or on the government officials and citizens of an enemy country, to protect the interests of their nation. In old times kings used “Guptchar”, or human spies, for spying, but in today's modern world governments have started using cyber weapons, or cyber Guptchar, along with human spies, and I think that to protect the interests of a nation it is important for the government of that nation to gather intelligence on the enemies of the country, whether they are internal or external.
At the passing-out parade of IPS officers, the National Security Advisor of India, Mr. Ajit Doval, said “Civil society, the new frontiers of war, can be manipulated to hurt a nation’s interests”, and this statement of the NSA is 100% true; countries which are against India are using our citizens as a weapon for our country.
For example: China funds an environmental NGO in India to protest against the Government of India and to pressurize the GoI to stop road construction on the China and Pakistan border. In the case of an Indo-China war, this helps China stop the supplies of food and ammunition to the Indian Armed Forces who are fighting on the Line of Actual Control (Indo-China border).
Note: It is only an example.
Till now, there is no solid evidence that the Government of India actually snooped on its people. If some evidence is found, then according to me an independent investigation should be conducted which can find out who the victim is (phones of the political leaders and journalists scanned by forensics experts). But I also reckon we shouldn't blame governments on reports that aren't driven by facts and figures.
Wait for the statement of the Government of India on this case.
If a state uses domestic surveillance to protect its nation's interests from internal enemies, what's the problem with it?
Is the Government Spying On Its Common Citizens With the Help of Pegasus Spyware?
The crystal-clear answer is “NO”, because using Pegasus to spy on 10 persons costs $650,000 (4,87,51,007 INR). The Government did not spend this much money for spying on common citizens. I'm not saying that the Government isn't spying on common citizens; I'm just saying that the Government did not use Pegasus to spy on common citizens. If you are not a bureaucrat, military official, police official, politician, journalist, NGO member or terrorist, you do not need to worry.
Purvam Tomer, OSCP Hacker & Geopolitics Enthusiast.