Pegasus – did the CBA actually buy it?

The Internet is buzzing with news that Pegasus has been purchased by the Central Anti-Corruption Bureau. What is the famous Pegasus and why is everyone so afraid of it? Is the CBA actually in possession of it? Is it legitimate? We invite you to read the following article.

Pegasus – what is it?

It’s Israeli software that was created for spying. However, it is not just any application – it is a world-class program that can really do a lot. Pegasus has the ability to read data from phones, record ongoing conversations and even peep at people through the cameras of various equipment. It can therefore be used for surveillance – and this is what people are afraid of.

As we can read in the official Pegasus manual:

“Pegasus is the world’s leading cyber intelligence solution that enables law enforcement and intelligence operations to remotely and covertly extract valuable information from virtually any mobile device. This groundbreaking solution was developed by veteran elite intelligence professionals to provide governments with a way to solve the problem of message interception in today’s highly dynamic cyber battlefield. By capturing new types of information from mobile devices, Pegasus fills a significant technology gap to provide the most accurate and complete intelligence for your operations.”

Entire manual here: https://www.documentcloud.org/documents/4599753-NSO-Pegasus.html

Who developed Pegasus?

The software was developed by the Israeli company NSO Group, which until some time ago hid its activities. Now, however, their work is being increasingly recognized by the governments of various countries. The company itself promotes the application as necessary and useful in the fight against terrorism and other illegal ventures, such as drug gangs, child trafficking, etc.

Which countries have access?

The sale of Pegasus outside Israel (and thus to the CBA) must be approved each time by the country’s defense ministry there. It is already known that it has been sold used several times in the Middle East, including Saudi Arabia, Morocco and the United Arab Emirates. However, it has also been noted for some time that there are traces of Pegasus use in Europe as well. Little, it is rumored that evidence of use of the system will also be found in Poland. Pegasus – CBA? Quite possibly, it is well known today that the services have various tools and technologies for surveillance.

Who is afraid of Pegasus?

Everyone is afraid of it, although not everyone really should be. After all, the services won’t use such a prestigious program to track innocent conversations or peep at ordinary residents of the country. In fact, those who have something to hide should tremble with fear. Criminals, thanks to Pegasus, would be exposed to the authorities at a fork in the road, which could increase the country’s security. Nevertheless, the public fears that the software will be used in an inappropriate way, that is, for surveillance of all citizens….

How does the software work?

The news of possible surveillance by Pegasus was reported by computer scientists working in Canada, in Toronto. This is because they discovered a tool, contained in the system, that could be used for this very purpose. The frightening information spread around the world, and with it – the software’s operating instructions. It turned out that Pegasus can be installed remotely in any smartphone, and without the owner’s knowledge. What’s more, it has the ability to automatically remove itself from the phone and obliterate all traces of its existence if there is a possibility that it has been detected. Well, it has access to everything it finds on the device – emails, messages, photos, accounts kept on social media, programs, documents, etc., etc., etc. Pegasus also allows it to change settings on an “attacked” phone, bug it and even hack into the camera and peep at the smartphone’s owner.

Pegasus CBA — Is this what Pegasus surveillance tools look like

Not much he needs…

Pegasus obviously requires a great deal of knowledge and experience from the person who uses it. In addition, in order to run it and install it remotely on devices, you need computers that have algorithms that can break security. But that’s still not much for such powerful software and capabilities as CBA has.

Pegasus allows total control of the device, photo: The Citizen Lab

Pegasus in Poland?

A few days ago, analysis and monitoring of the Internet unfortunately showed that Pegasus is also operating in our country. At least, that’s according to the same computer scientists in Canada who detected its surveillance capability. CitizenLab employees announced that the system was in the hands of one of the Polish services, as they had detected its activity in Poland (proof of this is to be found, among other things, in the fact that the software operator had a website name with the suffix “.pl”). However, it was quickly determined which service had acquired the Pegasus license, and everything points to the CBA, which used funds from a grant obtained from the Crime Victims Assistance Fund to do so. Where did this suspicion come from? Well, thanks to a NIK audit, it has come to light that it was the CBA that received as much as 25 million Polish zlotys from public funds for the acquisition of the quoted “special technology means for the detection and prevention of crime.”

Is it legal to use Pegasus?

It turns out that the software may be illegal when it comes to the option of surveillance of citizens. It is for this reason that the company responsible for its creation, NSO Group, was recently (in 2019) sued by human rights organizations. Their terms are clear – they want the sale of Pegasus abroad to be banned. The organizations cite multiple tracking of equipment belonging to activists and journalists. Such incidents, on the other hand, are blatant violations of basic human rights, according to them.

Do the CBA and Pegasus have anything in common? Did the CBA buy Pegasus? Are the Polish services acting in accordance with the law? No one officially admits that the Central Anti-Corruption Bureau actually purchased the system. The institution itself vehemently denies that such a situation occurred. However, there is some evidence that Pegasus is operating in Poland. At this point, the NIK and the Justice Fund authorities do not confirm information on whether the CBA bought tools, software or technology from NSO Group in 2019 09.

2020 – new information on Pegasus

Online security specialists repeat to the boredom the basic rules of appropriate online behavior such as avoiding going to suspicious sites or clicking on links from unknown sources. All this is done to protect your equipment from malicious spyware. However, when using Pegasus, even this is not enough, as it can hack your phone or computer without clicking on dangerous links.

Pegasus hacks without clicking on links

This was discovered by Moroccan journalist and human rights activist Omar Radi, who, according to a report prepared by Amnesty International, was eavesdropped on by his country’s authorities for more than a year using precisely this one of the world’s most advanced spying systems. The Moroccan in the spring of 2019 on Twitter criticized judges convicting participants in anti-government protests in the city of al-Hussein. It was then that the authorities began eavesdropping on him. They used Pegasus to do this, which redirected data traffic from his iPhone to a special server infecting it with malicious code. Radi didn’t even realize the connection was “infected,” and by doing so, the authorities gained access to all the data on his device and were able to eavesdrop on him. The IMSI Catcher, which authorities in many countries use to conduct wiretaps, was probably used for this purpose. One of the manufacturers of such devices is NSO Group, the Israeli company that created Pegasus.

It’s worth noting that Radi was careful about what he did on the Internet like few others. He knew he was fighting a state that was not democratic and did not protect freedom of speech, so he did not use messengers that are not encrypted and unsecured sites. And yet, the authorities managed to “hack” him. Since any security system is only as strong as its weakest link, it only took one element that didn’t work. If any of the sites visited via the journalist’s iPhone contained any content whose address did not include https, or protocol encryption, the path to eavesdropping was already open. The malicious code gave the Moroccan secret service full access to Radi’s phone, all his calls and instant messages, and everything he did from then on was used against him.

A new type of attack

Both the head of Amnesty International ‘s security lab Claudio Guarnieri and the international Citizen Lab, which investigated the case, are convinced that the Moroccan journalist was under surveillance by the authorities. This was a new type of automated attack using specialized spyware that leaves very few traces, which distinguishes it from traditional attacks that require clicking on an infected link. – After analyzing electronic fingerprints, we were able to confirm that the infrastructure used for this attack is manufactured by NSO Group ,” commented Guarnieri on the case.

Is there anything to fear?

In Poland, there has been a debate for several months about whether the CBA purchased the Pegasus system and has such a powerful tool for surveillance of citizens. Theoretically, the average person should not fear the use of this particular system against him, since he is unlikely to do anything that would be of that much interest to the secret service. However, this does not change the fact that we should constantly be reminded of the basic rules, the observance of which on the Internet guarantees protection from the more mundane threats that lurk around us, such as attempts to extort money or data that can be used by someone to steal our identity. Unfortunately, however, the case of Omar Radi is a reminder that with the development of technology, even the most careful use of equipment may not be enough for us to feel truly safe.

<h2>Known victims of Pegasus</h2><p>Pegasus was intended to be used in the fight against terrorism. Its premise was to allow surveillance of selected individuals who use iOS and Android smartphones, using vulnerabilities undetected by the manufacturers of such hardware as well as software. Most such victims in truth are unaware that it is on their devices that the software has been installed, which gives permission to track activities carried out using the device in question. The process of infecting a device with Pegasus can even be based on accidentally clicking on a special link that is sent deliberately to a crafted recipient, on remotely infecting a device by swapping data downloaded by a smartphone, which can take place while using the Internet, or by physically taking over the device in question.</p><div class='code-block code-block-1' style='margin: 8px 0; clear: both;'> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1947934051139808" crossorigin="anonymous"></script> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-1947934051139808" data-ad-slot="3432703969" data-ad-format="auto" data-full-width-responsive="true"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script></div><p>Victims of Pegasus itself have included journalists from editorial boards such as Bloomberg, France 24, the New York Times, Economist, Reuters and even Wall Street. Of the more than 50000 people under surveillance, nearly as many as 1000 of them are from Europe. Of these, nearly 180 cases are journalists from the aforementioned editorial offices. Some of those who were subjected to surveillance have left the earthly carcass in the recent past. The list of victims also included clergymen, ministers, politicians’ families, and activists. What is not hard to guess, the data obtained by Pegasus does not connect in any way with the fight against terrorism. In truth, virtually anyone who for some reason is inconvenient to the authorities of a country can be invigilated. The full list of Pegasus victims has not yet been published, but it is already known that people from such countries as Azerbaijan, Kazakhstan, Bahrain, Morocco, Mexico, Rwanda, Saudi Arabia, India, Hungary and the United Arab Emirates can be targeted.</p><h2>How to defend against Pegasus?</h2><p>Pegasus, as well as other tracking programs, were created to invigilate discreetly, so the most accurate defense is ironclad common sense and keeping your phone fully secure. There are various methods of defense, but there are also those that allow you to increase security a bit more, where the basis is always to keep your applications and system up to date, because outdated, that is, full of vulnerabilities applications are an easy morsel. Unfortunately, also those older devices that are armed with outdated operating systems are much more vulnerable to attacks. It’s also worth avoiding clicking on suspicious links, that’s first and foremost. And while Pegasus can be used to invade even the newest smartphones, resetting them daily can make attacks exceedingly difficult, as most of the malware would most simply not survive a reboot. Using difficult as well as unique passwords can also help, there’s also talk of using password managers such as 1Password or even LastPass, U2F key, or two-factor authentication. What is also important, and even trivial, is not to believe in fairy tales, because there is no software that will be able to detect surveillance. Robust analysis will always be required for that. And if anyone is offering such software, it is certainly the merest hoax. It’s worth watching out for.</p><h2>Pegasus is not the only one spying!</h2><p>It is worth noting, also, that Pegasus is not the only solution for remote surveillance of smartphone users. Software of this type can be created with childish ease, all it takes is a sufficient number of stub programmers, whose task would be just to assemble the right “blocks.” The whole puzzle is just security vulnerabilities, which can be purchased at least through exploit brokers. One similar software to Pegasus is SPYPHONE S-Agent, a program designed to eavesdrop, monitor and supervise an Android smartphone. It mainly allows you to collect accurate information from the monitored device. This program records text messages received and sent, moreover, it can be used as a phone eavesdropper, as it collects the history of conversations and allows you to record them, and even copies every contact. Among the more interesting functions of this program is certainly very accurate location monitoring, which can be sent as a point marked on a map, or take the form of a line drawn on it, which will show the user the exact route traveled by the eavesdropped device user. Speaking of complementary functions, it is worth noting that the program also supports monitoring of visited websites, collects photos taken and videos shot with a given device, and gives the possibility to continuously record the environment. All data collected by SPYPHONE S-Agent is sent to any e-mail address and takes the form of a report. They can also be sent via WiFi or data transmission, it all depends on the user.</p>

In 2018, Citizen Lab revealed traces of Pegasus activity in Poland as well (photo: Citizen Lab). — In 2018, Citizen Lab revealed traces of Pegasus activity in Poland as well (photo: Citizen Lab)

New detection tool meant to detect Pegasus, infects computers

To meet the expectations of users of computers, phones and the Internet, after the appearance of information regarding the creation of Pegasus – software for spying on citizens – software began to emerge to detect Pegasus. After all, each of us would like to know if we are being surveillance by the services.

But should one mindlessly click on a link to download anti-spyware software?

The answer is: absolutely not! Hackers taking advantage of the situation decided to impersonate Amnesty Internetional and created a fake website faithfully reflecting the original. The fake site differs from the original only in the background color, which for the average user is impossible to notice. Users are able to download software that pretends to detect Pegasus on our devices. In fact, Anti Pegasus developers get remote access to our device and the data on it. In fact, it has not been determined how many network users have been infected, but for the moment it is not yet a massive attack.

New detection tool designed to detect Pegasus infects computers — New detection tool designed to detect Pegasus, infects computers

How much damage can Anti Pegasus do?

There is no exact data on for what purpose the hackers remotely connect to Internet users’ devices, as money from ban accounts is not being stolen. Perhaps it’s to seize personal data and use it later, yet Anti Pegasus is supposed to counter such procedures itself. Remote access to the device also allows hackers to later install various software and plug-ins that infect our hardware. People who have downloaded malware are not really able to notice it on their computer. Anti Pegasus is programmed in such a way that it can bypass security.

Should you opt for Anti Pegasus?

In conclusion, Anti Pegasus software, instead of helping to detect the Pegasus spyware system on our device, can do more harm than good. It is very difficult to notice that our computer has been hacked.

Brigham Hill

As Brigham Hill, the creator of Inlogic.eu, my passion for diverse knowledge and sharing it with the world has led me to establish a digital portal that explores a wide range of topics. My background, rooted in an insatiable curiosity about the world, drives the website’s content, from health and beauty, motorization, to legal and even taboo subjects. I believe in the power of education and information, aiming to make it accessible to everyone. My journey into this venture began with a simple desire to create a space where learning and sharing knowledge are valued above all. Through Inlogic.eu, I've strived to connect with like-minded individuals who seek understanding and insights into the various facets of our lives, demonstrating my commitment to a well-informed community.