Does anyone know in detail about Pegasus spyware?

I heard a lot about it,

I know it is created by NSO, an Israeli company, and it works via a WhatsApp voice call vulnerability

And WhatsApp gets remotely hijacked via this vulnerability

But how does this work???

Is it possible to make similar spyware??

How to check if we are infected by it or not and

How to remove it??

Indian national ? :laughing:

I am a malware coder, I wrote a few ethical hacking tools

Check it out : https://GitHub.com/Technowlogy-Pushpender

Want to make similar spyware in future

A simple Google search returned this result: https://en.wikipedia.org/wiki/Pegasus_(spyware). It tells everything you need. If you need deeper detail then ask in a specific manner.

Thanks for your answer, but I have found no method till now to remove it or check if your phone is compromised

A professional ethical hacker might reverse engineer that spyware or know anything more

The information available on Wikipedia is just a history type of content

You can’t code your own spyware just by reading wiki

And by the way I checked that link already

1 Like

Ok, but how would you reverse engineer Pegasus spyware? We know that it is only sold to government agencies for spying purposes.

Taking a victim's phone for a spyware sample might help to reverse engineer that spyware

And how would you take a victim's phone, knowing that all of the compromised people were high profile ones? I don’t think it’s as easy to do as it looks.

If I were capable of doing it on my own then I might not be here

If it is so then the talk is over now. However, all I can tell you is that
Pegasus exploited a high severity vulnerability in WhatsApp to compromise high profile victims. After Pegasus exploited the WhatsApp vulnerability, it again exploited a high severity vulnerability in Apple’s iOS, as it jailbroke all the devices and rooted Android phones. Hence we conclude that it also exploited a high severity vulnerability in Android, as it works on Android devices too. The WhatsApp vulnerability exploited is a type of RCE. This much should be enough to give you quite a lot of information. In order for you to build such a thing you need to:

Find high class (similar to RCE) in Android and iOS.
Find a sample of Pegasus spyware when it is made public, and you know better what to do next.

These resources will help you:

Thanks a lot bro

So it is basically a WhatsApp VoIP stack buffer overflow vulnerability

Which leads to remote code execution

1 Like

Yes, you are right as far as I know. Doubt cleared? @R4gn4r why don’t you help him here?

1 Like

So after reading a lot of blogs

I concluded that Pegasus is just a spyware which has some cool features.

Apart from Pegasus,
a Meterpreter payload, any other keylogger, RAT, or any other malicious piece of code can be used to take control of a victim's mobile

We usually use social engineering techniques to trick the victim into installing this malicious software on their system/phone

BUT this latest WhatsApp vulnerability enables a hacker to install/run a piece of code without victim interaction

A buffer overflow vulnerability in the VoIP stack can be exploited by sending crafted SRTCP packets to the victim's phone, which leads to a new vulnerability,

THE most dangerous vuln, i.e. RCE (remote code execution)

The only barrier to performing this attack is that we don’t know what these specially crafted SRTCP packets look like.

Without that info we can’t code our exploit

Or one must have deep knowledge of VoIP and its protocols like SIP, SRTCP, etc.

Hope researchers release an exploit soon

2 Likes

Well, I am not very studied on VoIP buffer overflows, so I cannot help very much 😅…
But if I was MrRobot, I would move on to simjacking and end-to-end encryption vulns. Personally I am not much of an end2end encryption fan, because there are proofs of concept that can hack it.
And these days a very good bug was found on SIM cards that is very serious. If you want, check it out :wink:. Sorry for not helping very much about NSO and WhatsApp but…

The Israel-based NSO Group, well known as a surveillance company, has developed Pegasus.

Pegasus is the most powerful spyware technology that works on the zero-day vulnerability concept.

The latest version of this spyware can be installed and executed just through a missed call to the target device.

The spyware tricks the vulnerability of the third-party application and takes complete control of the device.

The hacker can have full access to your device and he can do all activities like

  • Reading messages
  • Viewing photos
  • Accessing videos
  • Making phone calls
  • Accessing call logs
  • Tracking location
  • Turning on Microphone
  • Clicking pictures
  • Screen recording
  • Accessing deleted contents

What is the Pegasus project?

The Pegasus project has been running since 2016 and it is controlled by NSO Group.

The project was basically launched to surveil terrorist outfits, money laundering, and weapon smuggling, and to monitor terrorist attacks.

The NSO Group conducted the whole project successfully by using Pegasus spyware.

The Pegasus spyware is the most sophisticated and the leading product of the NSO Group.

According to NSO Group, thousands of lives were saved by using this state-of-the-art spyware technology.

This project was in the news because of the misuse of this spyware by some government entities.

After the execution of malicious code, Pegasus has all those permissions that the third-party application is using.

Pegasus can access your phone call details, contacts, photo gallery, call history, and call logs.

And has the capability to read your messages, chats, emails, notifications, and documents.

This spyware can track your location and turn on your phone’s microphone and camera without you ever knowing.

It can also record your phone screen and voice without your knowledge.

This state-of-the-art spyware technology can make a phone call, send messages, and recover deleted data from temporary memory.

This spyware can exactly clone your device and completely control it.

The Pegasus spyware fetches data from the victim’s phone and sends it to the NSO Group’s data server.

In my personal opinion I think that this program is a very impressive work of craftsmanship.