NSO's Pegasus: How to know you're being tracked - and how to stop it

 NSO's Pegasus: How to know you're being tracked - and how to stop it

Do you think your phone is being targeted? These signs could help determine if you've been hacked and what you can do about it.

By YINON BEN SHUSHAN/WALLA 

Published: FEBRUARY 8, 2022 19:00 Updated: FEBRUARY 8, 2022 21:35

The investigation into the Israel Police's alleged misuse of NSO's Pegasus spyware has revealed the extent of the widespread use of the software against senior officials in the public and private sectors.

Are you concerned for your privacy? This is how you can know if you're being tracked – and how to protect yourself.

How does NSO's Pegasus work?

The spyware carries out an action that, if someone without permission to do so activated it, would be considered a criminal act and a violation of law. It is an "offensive cyber" software; it does not perform defensive actions, but rather offensive ones which are intended to compromise the existing defenses of devices and operating systems.

Pegasus exploits a number of vulnerabilities in the software - but mostly so-called "zero-day vulnerabilities." These vulnerabilities have been given this name because they are loopholes in the software and operating systems of our devices that have not yet been discovered (hence the "zero-day") and have not been closed off by the companies producing the equipment or operating systems like Android by Google. It usually takes some time before these vulnerabilities are discovered and sealed.

How do you know if your phone has been hacked?

One of the common tactics for hacking a victim's device is phishing messages and spam that contain malicious links or attachments. If the victim clicks on the attachment or link (which leads to the download of malware to the device), this malware allows hackers to commit their crimes.

"The most common signs that show that a device has been hacked are faster-than-normal battery drainage, sudden increases of internet usage unrelated to browsing habits by the user of the device, GPS and internet options turning on and off independently, randomly displayed advertisements, or unfamiliar apps installed without your permission," said information security company ESET's damage investigator Lucas Stepenko.

Another sign of a potential hack is an abnormal change in the behavior of apps that previously worked normally, such as the opening or closing of an app, crashes or unexpected errors.

Not only does this affect apps but also the device itself, causing the operating system to behave strangely, according to Stepenko.

If you or one of your contacts are receiving weird calls or messages, or your call or message history includes records you are not familiar with, it is a possible sign that there may be malware on your device trying to make calls or send messages to international premium phone numbers.

Lest we forget, of course, one of the most obvious signs: If your Android is damaged by ransomware, you may just be locked out of the phone altogether.

Update your device system and don't download files from unknown sources 

Tom Malka, a cyber-threat intelligence researcher, said that "in order to stay as safe as possible, I would, first of all, recommend continuing to update the smartphone system frequently. These updates contain security updates that close off potential security vulnerabilities once they have been revealed."

Did you receive a suspicious message with a malicious link to download an app? Do not rush to click it.

"Remember that oftentimes, 'free' is expensive and if the temptation calls for you to download apps outside of the app store, the exposure to risk increases," Malka added. "It is important to be careful not to fall into a clickbait trap out of fear of spyware in particular, malware in general and of course a waste of time."

"Most exploitations are carried out through vulnerabilities in existing apps that are downloaded broadly or are default apps on the devices, such as iMessage in the case of NSO's spyware," said Kayran CEO Sahar Avitan. "It is therefore crucial to update one's device, which will make it difficult to carry out malicious operations on devices in contrast to outdated systems that have not been updated."

Force restart your device daily 

A study by Amnesty and Citizen Lab showed that Pegasus and similar software rely on zero-day vulnerabilities and do not need the user to click on a message or link, but they have no resistance against a device restart, meaning a forced shutdown of the device by pressing the power and volume buttons at the same time.

Frequent rebooting helps "clean" the device of malware. If, for example, the device is rebooted daily, the attackers are then forced to infect the device once more with the software. This also increases the likelihood that it will eventually be identified by the security solutions built into the device.

Use a VPN 

This is an action that makes it difficult for attackers to segment users based on their internet traffic. "It's important to remember that in 2022, the subject of our privacy is thrown into doubt," said May Brooks-Kempler, a cyber expert and co-founder of the Safe Online community on Facebook. "We search on Google, we open profiles on dating websites, we update our social networks, etc. Remember that everything that goes online stays online.

"To protect your privacy and anonymity in the current reality, it is important to enable privacy settings on networks, delete cookies, use anonymous or incognito browsers, and in some cases VPNs," she added. "The most important thing is to think before you post."

She added that it's important to go with paid VPNs and not free ones.

My phone was hacked. How can I fix it? 

Once you have discovered that your phone was infected with malware, you should not throw it away rather it is better to identify the culprit and get rid of them. 

For example, in the case of unwanted and annoying pop-up advertisements, you can identify which app is responsible for them by opening the "Recently opened apps" menu and long-clicking on the app icon. 

According to ESET, while version 9 of Android and the versions before it allowed malicious apps to hide their icons, this option was blocked starting with version 10 of the operating system. This vulnerability has previously allowed hackers to impersonate other apps or try to hide themselves by using a transparent icon and a blank name.

"If you have used an iOS-based device so far, switch to an Android or vice versa," said Kaspersky Cyber Security Solutions. "This may confuse the attackers and delay the rest of the attack for a while."

The company also recommends getting a backup device for secure communication: for example, a device that runs on the GrapheneOS – an Android system based on a rugged security system – would be a good choice.

https://www.jpost.com/business-and-innovation/tech-and-start-ups/article-695882

Comments

Post a Comment

Popular posts from this blog

BMW traps alleged thief by remotely locking him in car

BMW traps alleged thief by remotely locking him in car Stealer's Wheel? Seattle police department quotes "Watchmen" movie in a recap of the recent arrest. Tech Culture by Gael Fashingbauer Cooper December 4, 2016 5:00 PM PST It's maybe the most satisfying arrest we can imagine. Seattle police caught an alleged car thief by enlisting the help of car maker BMW to both track and then remotely lock the luckless criminal in the very car he was trying to steal. Jonah Spangenthal-Lee, deputy director of communications for the Seattle Police Department, posted a witty summary of the event on the SPD's blog on Wednesday. Turns out if you're inside a stolen car, it's perhaps not the best time to take a nap. "A car thief awoke from a sound slumber Sunday morning (Nov. 27) to find he had been remotely locked inside a stolen BMW, just as Seattle police officers were bearing down on him," Spangenthal-Lee wrote. The suspect found a ke...
Read more

Report: World’s 1st remote brain surgery via 5G network performed in China

World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 ·           A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media  reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling.  “You barely feel that th...
Read more

New ATM's: withdraw money with veins in your finger

New cash machines: withdraw money with veins in your finger Cash machine technology that reads the pattern of finger veins is already available in Japan and Poland   By Telegraph Reporters 6:59PM BST 15 May 2014 Cash machines could soon be installed with devices that identify customers by reading the veins in their fingers. The technology is already being rolled out in Poland, where 1,730 cash machines will this year be installed with readers, negating the need for a debit card and Pin. Developed by Hitachi, the Japanese electronics firm, the machines read the patterns of the veins just below the surface of the skin on your finger using infra-red sensors. The light is partially absorbed by haemoglobin in the veins to capture a unique finger vein pattern profile, which is matched to a profile. The technology is used by Japanese banks and also in Turkey, offering “groundbreaking levels of accuracy and speed of authentication”, Hitachi said, which in t...
Read more