Become an A&B portal user and receive giveaways!
Become an A&B portal user and receive giveaways!
maximize

Escape the spy: how to avoid Pegasus

27 of January '22

Kaspersky advises on how to avoid spyware attacks.

It is widely believed that we cannot completely protect ourselves from professional surveillance software. However, no matter how difficult it is to prevent a mobile device from being infected by such tools, users can still take certain steps to make life more difficult for attackers.

According to media reports, the main targets of such spyware are increasingly journalists, politicians, human rights activists, lawyers and public activists. Costin Raiu - Director of the Research and Analysis Team (GReAT) at Kaspersky - has prepared a set of recommendations that will tell users of mobile devices, both Android and iOS, how to protect them from Pegasus and other advanced mobile cyber threats. Pegasus , Chrysaor, Phantom and other so-called "legitimate monitoring programs" have been developed by private companies and are installed on a large scale through various exploits, including several zero-day exploits for iOS that do not require clicking links to infect a device. The earliest version of Pegasus was intercepted by researchers in 2016. To date, more than 30,000 human rights defenders, journalists and lawyers around the world may have been targeted by this pest.

Security tips

Here are some tips to increase your protection against sophisticated mobile spyware malware attacks:

  • First and foremost, reboot your mobile device every day. Rebooting helps "clean" it. Thus, attackers will have to constantly infect the device with Pegasus - and this will greatly increase the likelihood of detecting the attack.
  • Keep your mobile device updated and install the latest patches as soon as they become available. Many exploit kits attack security vulnerabilities that have already been patched, but are still dangerous for people who use older phones and delay updates.
  • Never click on links you receive in messages. This is a very simple yet important piece of advice. Some Pegasus customers are more likely to use exploits that require one click than those that don't require it at all. They are delivered in the form of messages, sometimes SMS, but can also be spread via instant messaging and even email. If you receive an interesting SMS message (or instant messaging message) with a link, open it on your desktop computer, preferably using a TOR browser, or - ideally - a secure, non-persistent operating system such as Tails.
  • Don't forget to use an alternative web browser to browse the site. Some exploits don't work as well in alternative browsers such as Firefox Focus compared to more traditional ones such as Safari or Google Chrome.
  • Always use a VPN connection - it makes it harder to attack users based on their Internet traffic. When purchasing a VPN subscription, there are several factors to consider: look for established services that have been around for a while, accept cryptocurrency payments and don't require registration information.
  • Install a security app that checks if security has been breached on a device and warns against it. To keep the pest on the device, attackers using Pegasus often resort to cracking the security of the attacked device. If you have installed a security solution on your device, you may be warned of an attack.
  • If you are an iOS user, frequently create diagnostic reports (sysdiag) and save them to external backups. The data from these reports can help you later determine if you were targeted. In addition, Kaspersky experts recommend iOS users who may be vulnerable to attacks to disable FaceTime and iMessage. Because they are enabled by default, they are the main mechanism used in attacks that do not involve clicking links.

Generally speaking, attacks using Pegasus are highly targeted - meaning they are not carried out on a mass scale, but rather on specific categories of users. Many journalists, lawyers and human rights activists have been the target of such sophisticated cyber attacks, but they usually lack the proper tools and knowledge to defend against them. Our mission is to make the world a safer place, so we will do everything we can to provide the best techniques to protect against malware, hackers and sophisticated threats such as Pegasus

- said Costin Raiu, director of the Global Research and Analysis Team (GReAT) at Kaspersky.

Advice for those who have been victims of a Pegasus attack

Those whose devices were infected can take the following steps:

  • If you were the target of the attack, find a journalist and tell them your story. What ultimately plunged many companies producing tools like Pegasus was the negative publicity - reporters and journalists writing about the abuse and exposing lies, crimes and all manner of wickedness.
  • Change your device - if you use iOS, try moving to Android for a while. If your operating system was Android, switch to iOS. By doing so, you will confuse attackers for a while. Some cybercriminals have purchased systems that only work on phones of a certain brand or on a certain operating system.
  • Make yourself a second device, preferably running GrapheneOS. Use an overpriced SIM card in it, or connect only via Wi-Fi and TOR while in airplane mode.
  • Avoid instant messaging, where you have to provide your contacts along with your phone number. If an attacker gets your phone number, he or she will be able to easily attack you through many different instant messaging services - iMessage, WhatsApp, Signal, Telegram - all of which are linked to your phone number. An interesting new option is Session, which automatically routes your messages through an Onion-type network and does not use phone numbers.
  • Try to contact a security researcher and talk to them about best practices. Share artifacts, suspicious messages or event logs if you think something is wrong. Security is never a matter of one solution that is 100% effective. Rather, think of it as a river in which you are swimming, adjusting to the speed of its current, currents and the obstacles you encounter.

For more tips to protect yourself from Pegasus and other mobile cyber-espionage tools, visit Kaspersky's official blog , Kaspersky Daily
The information can be used freely with the caveat that Kaspersky is cited as the source.

For more information, visit the company 'sKASPERSKY LAB POLSKA page on theAiB portal.
As well as on kaspersky.pl

The vote has already been cast

INSPIRATIONS