Flat 70% Discount On Pendrive / Android Courses, Valid Till 29th Feb'20 Call On : 9354229384, 9315859773, 9354252518, 9999830584

Current Affairs

WhatsApp spying with Pegasus malware

Date: 01 November 2019 Tags: Security Threats

Issue

WhatsApp has confirmed that at least two dozen journalists, academicians, Dalit and human rights activists, in India have been targeted for surveillance for a two week period until May 2019. The hackers allegedly used an Israeli technology, Pegasus to conduct the spying.

 

Background

In May 2019, WhatsApp identified that a bug in the app’s call function was used to install a malicious code into users’ phones. On October 29, it identified the malicious code as Pegasus, a spyware developed by an Israeli company, NSO.

 

Details

  • The code is transmitted by calling the target phone on WhatsApp. The code enters the phone even if the call is not answered.

  • This is only one of the ways of delivering Pegasus. There are several other cases such as alarming SMSs that prompt targets to click on a link.

  • Once installed, Pegasus can send the target’s contacts, calendar events, phone calls on and messages on communication apps like WhatsApp and Telegram to the spyware’s controller.

  • The controller can also turn the phone into a spying device by switching on its camera or microphone.

Malwares

  • Malware, or malicious software, is any program or file that is harmful to a computer user. Types of malware can include computer viruses, worms, Trojan horses and spyware.

  • These malicious programs can perform a variety of different functions such as stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users' computer activity without their permission.

Types of malware

  • virus is the most common type of malware which can execute itself and spread by infecting other programs or files.

  •  worm  can self-replicate without a host program and typically spreads without any human interaction or directives from the malware authors.

  • Trojan horse   is designed to appear as a legitimate program in order to gain access to a system. Once activated following installation, Trojans can execute their malicious functions. 

  • Spyware  is made to collect information and data on the device user and observe their activity without their knowledge.

  • Ransomware is designed to infect a user's system and encrypt the data. Cybercriminals then demand a ransom payment from the victim in exchange for decrypting the system's data.

  • A  rootkit  is created  to obtain administrator-level access to the victim's system. Once installed, the program gives threat actors root or privileged access to the system.

  • A backdoor virus or remote access Trojan (RAT) secretly creates a backdoor into an infected system that allows threat actors to remotely access it without alerting the user or the system's security programs.

  • Adware is used to track a user’s browser and download history with the intent to display pop-up or banner advertisements that lure the user into making a purchase. For example, an advertiser might use cookies to track the web pages a user visits to better target advertising.

  • Keyloggers, also called system monitors, are used to see nearly everything a user does on their computer. This includes emails, opened web-pages, programs and keystrokes