An investigation revealed that journalists and opponents from several countries were spied on through the Pegasus program.
The Pegasus program of the Israeli company NSO
, which allegedly served to spy on activists, journalists and opponents around the world, is a very sophisticated system that constantly exploits the vulnerabilities of smartphones.
-How does the NSO
spy program work ? -
Once it is entered in the mobile phone, Pegasus exports the user's data (emails, messages, photographs, etc.) to Internet pages created by NSO
, which are constantly renewed to avoid detection.
It's "like you're leaving your phone in someone else's hands," warns Alan Woodward, professor of cybersecurity at the University of Surrey (UK).
This transmission of information goes completely unnoticed by the user and it is very difficult to find any proof of this spying on Android phones. For this reason, the Amnesty International investigation, revealed on Sunday, was based on Apple mobiles.
-How is the victim's phone hacked? -
In its controversial past, well documented by Amnesty, NSO
used cheat SMS, bugs in WhatsApp, iMessage, Apple Music ...
A few years ago, a user action, such as clicking on a link, was required for the phone to be hacked.
But now you don't even need this gesture from the owner for Pegasus to be able to get into your smartphone.
-How does NSO
find phone bugs to get into them? -
With over a thousand employees, NSO
is a large company that employs elite hackers and this allows it to constantly find phone bugs to hack into.
According to experts, it also tends to resort to the "black market" in which cybersecurity researchers, with very little morale, tend to commercialize the flaws that serve as a gateway.
The most popular faults are known as "zero days" and they are errors that no one has detected before and that are difficult to fix.
According to Bastien Bobe, Southern Europe technical director at Lookout, editor of a smartphone protection program, the most valuable "zero days" can be marketed for up to $ 2 million on iOS (Apple's operating system) and $ 2.5 million. million on Android.
-Can this type of spying be avoided? -
Yes and no.
Some simple precautions can make hacking difficult, such as updating your phone or turning it off once a day, since these types of actions make it difficult for these spyware to work.
You can also buy some programs to improve mobile security, but these have few users, "since people feel safer with their phone than with the computer," laments Bobe.
As recognized by this specialist, no action guarantees total protection.
"If someone wants to take control of a smartphone and has significant means to do so (...), such as several million or tens of millions, they will get it," he says.
For this reason, he recommends that those people who have sensitive or coveted information are better off using old non-smart mobile phones.