End-to-end encryption is a technology that scrambles messages on your phone and unscrambles them only on the recipient’s phone, meaning that no one intercepting the messages in transit can read them. Dropbox, Facebook, Google, Microsoft, Twitter, and Yahoo are among the companies whose apps and services use end-to-end encryption. This type of encryption is good for protecting your privacy, but governments don’t like it because it makes it harder for them to spy on the public, whether to track down criminals and terrorists or, in the case of some governments, to monitor dissidents, protesters and journalists. Enter the NSO Group, an Israeli technology company.
The company’s flagship product is Pegasus, spyware that can sneak into a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to penetrate devices running the Android, BlackBerry, iOS, and Symbian operating systems and turn them into surveillance devices. The company says it sells Pegasus only to governments and only for the purpose of tracking criminals and terrorists. Earlier versions of Pegasus were installed on smartphones through vulnerabilities in commonly used apps or through spear-phishing, in which a targeted user clicks on a link or opens a document that secretly installs the software.
It can also be installed via a wireless transceiver located near a target, or manually if an agent can steal the target’s phone. The latest version of this spyware does not require the smartphone user to do anything. All that is required for a successful spyware attack and installation is that the device has a particular vulnerable app or operating system installed.
This is known as a zero-click exploit. Since 2019, Pegasus users have been able to install the software on smartphones with a missed call on WhatsApp, and even delete the record of the missed call, making it impossible for the phone owner to know that anything is wrong. Another way is to simply send a message to the user’s phone that does not generate any notifications.
Once installed, Pegasus can theoretically collect any data from the device and send it back to the attacker. It can steal photos and videos, recordings, location records, contacts, web searches, passwords, call logs and social media posts. It also has the ability to activate the camera and microphone for real-time surveillance without the user’s permission or knowledge.