this post was submitted on 14 Sep 2023
86 points (96.7% liked)

Technology

59374 readers
7409 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Pegasus is a highly sophisticated and controversial spyware tool developed by the Israeli cybersecurity firm NSO Group. Pegasus is designed to infiltrate and infect mobile devices, including smartphones, and it allows the attacker to remotely monitor and collect a wide range of information from the compromised device. This information can include text messages, call logs, emails, GPS location data, and more. It can also be used to activate the device's microphone and camera for audio and video surveillance.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 1 year ago (4 children)

Well, that's most terrifying. Can you do anything about it except not using smartphones?

[–] [email protected] 18 points 1 year ago (1 children)

I'm using GrapheneOS for added security and sandboxing, but I feel that this is a bandaid solution.

[–] [email protected] 13 points 1 year ago

Thx. You don't seem to be the only one.

In July 2022, Charlie Osborne of ZDNet suggested that individuals who suspect a Pegasus infection use a secondary device with GrapheneOS for secure communication.

https://www.zdnet.com/article/how-to-find-and-remove-spyware-from-your-phone/

[–] [email protected] 9 points 1 year ago (1 children)

Unfortunately, as far as I understand it, not really. NSO and for sure many other companies offering similar spy software use multiple 0-day exploits to get into your device.

At least for the Pegasus one, a system restart seems to do the trick in removing it in most cases, although there are some reports on surviving even a factory reset on some phones…

The other question is, if you are not a person of interest like a high-ranking politician or journalist, you are most likely not going to be a target of an attack. On the other hand, you never know… and that’s the really scary part.

[–] [email protected] 3 points 1 year ago (1 children)

a person of interest

Thanks for the reminder.

article:

journalists, opposition politicians, and activists

wikipedia: pretty much anybody of interests of the people with the ability to acquire the service

journalists, lawyers, political dissidents, and human rights activists

scholars, bureaucrats (India)

politicians: head of stead (Iraq), mayors (Israel), associates (Israel), politicians (Israel), son of prime-minister (Israel), presidential candidate and associates (Mexico), prime minister (Morocco), King (Morocco)

government employees (Israel), government officials (Israel), ex government officials (Israel), military officials (Morocco)

employees of government-owned companies (Israel),

suspects (Israel), drug cartels (Mexico), criminal (Netherlands)

civil society members

heads of corporations (Israel)

Panama: foreign spying, including for spying on political opponents, magistrates, union leaders, and business competitors, with Martinelli allegedly going so far as to order the surveillance of his mistress using Pegasus.[5]

[–] [email protected] 3 points 1 year ago

Yup, the rabbit hole is quite deep. That’s only the people we know to have been targeted by this version Pegasus, I’m sure the dark figure is much higher.

[–] [email protected] 8 points 1 year ago

The protocol for how to subvert this type of tracking is all ready known. You have to use burrner phones and swap out every couple of weeks. Don't take any electronics to sensitive meetings.

[–] [email protected] 8 points 1 year ago* (last edited 1 year ago)

I would say to just keep your OS and software and such up to date, enable features like Lockdown Mode on iOS if available to you, and just generally have good security practices. Really not much else you can do.