The most powerful espionage app for Android has been discovered

Back in August, Pegasus for iOS made headlines as one of the most sophisticated espionage apps on mobile. The app was believed to have been in circulation for quite a while before being discovered. Furthermore, it was suggested that a few hundred more iterations of the app were still around, targeting specific individuals like a political dissident from the UAE.

Now, Google has detailed Pegasus for Android, a clone of the app for Google’s platform. Mobile security firm Lookout sent Google a list of suspicious package names while it was conducting its own analysis. Google found that a few dozen Android devices had installed an application, which the company dubbed Chrysaor, that bore a remarkable resemblance to Pegasus.

It took months for the two companies to identify Pegasus for Android. The espionage app is thought to have been developed by NSO Group Technologies, which specializes “in the creation and sale of software and infrastructure for targeted attacks”.

In its own independent analysis, Lookout said that the espionage app represents “the common feature-set that we see from nation states and nation state-like groups”. According to the security firm, such threats are meant to track a target in both the physical and virtual worlds.

To put that into perspective, Pegasus is capable of extraordinary functions. These include keylogging, capturing of live audio, video, and screenshots, exfiltration of data from various applications, text messages, browser history, email, and even remote control of the spyware via SMS commands.

An even more impressive fact is that Pegasus for Android can self-destruct when a variety of checks suggest it has been compromised. These include checking whether the mobile country code associated with the SIM card is invalid, and whether the app has been unable to connect to its server for 60 days.

Unlike its iOS counterpart, which used three previously unknown security vulnerabilities to install itself on targeted devices, Pegasus for Android uses Framaroot instead, a well-known rooting technique which can bypass security.

Such sophisticated spyware and espionage tools are created at the request of specific agencies and are unfortunately often used against citizens of countries with questionable democratic values. Pegasus for Android, an espionage app in its own right, was likely used for similar purposes.

While the average user has nothing to fear from attacks of this magnitude, the fact that they exist and can live on in a mobile OS for months before being discovered is certainly troubling. With an IoT explosion on the horizon, the importance of security in cyberspace cannot be overstated.
