Uganda and other countries around the world are still reeling from stinging revelations that some of their enemies used malware, developed by Israeli cybersecurity firm NSO Group, to spy on them.
According to an investigation by The Washington Post, The Guardian, Le Monde and other outlets, President Paul Kagame administration used an Israeli made malware Pegasus, to spy on opponents, journalists, lawyers and politicians in Uganda.
Phone numbers of Uganda officials including former Chief of Defence Forces Gen David Muhoozi, former Foreign Affairs Minister Sam Kutesa and former Premier Dr Ruhakana Rugunda appeared on the leaked records, “indicating that they were potential targets of the software,” the inquiry said.
In this story, we find out how Pegasus spyware works and how it get onto people’s phones and the ways to avoid it.
According to researchers, Pegasus was initially used to gain access to a phone through a malicious web link through a message or email. That was way back in 2016. Once a user clicked on the link, Pegasus would be installed on the phone.
However, it has been established that latest versions of Pegasus have exploited weak spots in software commonly installed on mobiles.
For instance, by simply calling the target through WhatsApp, Pegasus could secretly download itself onto their phone, even if they never answered the call.
This means that Ugandan second-hand phones are most vulnerable.
AFP reports that most recently, Pegasus is reported to have exploited weaknesses in Apple’s iMessage software, which would potentially give it access to the one billion Apple iPhones currently in use all over the world all without the owners needing to even click a button.
Dangers of Pegasus once it’s installed
According to researchers, following its installation, Pegasus contacts control servers that enables it to relay commands and gather information from the infected device. From there, it can access passwords, contacts, text messages, and the phone camera, microphone, and GPS, including voice or video calls made through Whatsapp.
“Pegasus is probably one of the most capable remote access tools there is. Think of it as if you’ve put your phone in someone else’s hands,” Alan Woodward, a cybersecurity professor at the University of Surrey in the UK, is quoting as saying by AFP.
According to Woodward, Pegasus’ developers have got “better and better at hiding” all trace of the software, making it difficult to confirm whether a particular phone has been bugged or not.
According to Citizen Lab of University of Toronto, “This malware is designed to evade forensic analysis, avoid detection by anti-virus software, and can be deactivated and removed by operators remotely.”
How to get rid of Pegasus?
Several cybersecurity analysts and experts have pointed out that the only way to get completely rid of Pegasus is to discard the phone that has been affected. According to Citizen Lab, even factory resetting your smartphone will not be useful as it cannot get rid of the spyware completely.