News

Politics, Current Events, and Serious Discussion

Stats

Category
News and Politics
Total members
15
Total events
0
Total discussions
2K
Total views
662K

The New Face Of Mlaware: Pegasus

TekhNiqo

Sixer
Messages
259
Reputation
311
zBucks
591
Sex
Male
Race
Black
Origin
USA
Disclaimer: This is just my opinion and thoughts

Pegasus used against Human Rights Groups
More details on Pegasus

For those who don't know sometime last year the Isreali Government developed a zero-click malware that was discovered late 2022. This type of malware is not only tough to detect but doesn't require any user interaction in order to get infected. This same malware has been reported to have been used on Human Rights groups despite being advertised as a tool to fight terrorism.

This was deinitely concerning to me because for the last year apple users have been revieving these mysterious security updates. Most of them don't even have a description in the patch notes for weeks or months. That indicate to me that they are still trying to secure the phone as much as possible and don't want to release publicly what they have fixed so that NSO can't use that information to patch their payload. There isn't much public information on how Pegasus works because, again, this payload is being advertised to government agencies and there is a conflict of interest between government agencies and cyber security where cyber security wants to patch vulnerabilities and government agencies wanting to keep those vulnerabilities so they can use those vulnerabilities to their advantage.

What made me post this is that I saw a short clip of Vicki Dillard talking about how the Western world is trying to distract us with this Ukraine vs Russia. It made me think about how all these different attack vectors have been used in this cyber war and I think about how this technology may be used against us. When you consider that Human Rights organizations have been targeted what is to say we won't be targeted, if we haven't been targeted already. We have been able to do a lot in spite of the barriers that social media and similar sites use to filter our message and information. When I think about the way that meta data and big data is used to create profiles on peoples habits and behaviors it makes me feel the FBI no longer need to infiltrate our organizations because they have all the tools at their disposal to spy without stepping foot into your home. For example we already have payloads that can screen capture all the acitivity happening on a phone in real time, access the cameras and having total control over someone's device BUT it usually requires that the victim downloads an apk or opens a file like a pdf or Word Doc. These payloads also have signatures that AV, IDPS and other monitoring software can detect but Pegasus can avoid all of that and only by meticulously monitoring your phone can you discover this payload. That's a tall task. I would like to see apps that can list all the connection Iphone has in the sameway the netstat comomand does. We don't have enough tools for IOS that allow you to really streamline the detective work.

1690334191150.png
 

johnOkillens

Sixer
Messages
102
Reputation
237
Location
Reparations
zBucks
1,047
Sex
Male
Race
Black
Origin
USA
Disclaimer: This is just my opinion and thoughts

Pegasus used against Human Rights Groups
More details on Pegasus

For those who don't know sometime last year the Isreali Government developed a zero-click malware that was discovered late 2022. This type of malware is not only tough to detect but doesn't require any user interaction in order to get infected. This same malware has been reported to have been used on Human Rights groups despite being advertised as a tool to fight terrorism.

This was deinitely concerning to me because for the last year apple users have been revieving these mysterious security updates. Most of them don't even have a description in the patch notes for weeks or months. That indicate to me that they are still trying to secure the phone as much as possible and don't want to release publicly what they have fixed so that NSO can't use that information to patch their payload. There isn't much public information on how Pegasus works because, again, this payload is being advertised to government agencies and there is a conflict of interest between government agencies and cyber security where cyber security wants to patch vulnerabilities and government agencies wanting to keep those vulnerabilities so they can use those vulnerabilities to their advantage.

What made me post this is that I saw a short clip of Vicki Dillard talking about how the Western world is trying to distract us with this Ukraine vs Russia. It made me think about how all these different attack vectors have been used in this cyber war and I think about how this technology may be used against us. When you consider that Human Rights organizations have been targeted what is to say we won't be targeted, if we haven't been targeted already. We have been able to do a lot in spite of the barriers that social media and similar sites use to filter our message and information. When I think about the way that meta data and big data is used to create profiles on peoples habits and behaviors it makes me feel the FBI no longer need to infiltrate our organizations because they have all the tools at their disposal to spy without stepping foot into your home. For example we already have payloads that can screen capture all the acitivity happening on a phone in real time, access the cameras and having total control over someone's device BUT it usually requires that the victim downloads an apk or opens a file like a pdf or Word Doc. These payloads also have signatures that AV, IDPS and other monitoring software can detect but Pegasus can avoid all of that and only by meticulously monitoring your phone can you discover this payload. That's a tall task. I would like to see apps that can list all the connection Iphone has in the sameway the netstat comomand does. We don't have enough tools for IOS that allow you to really streamline the detective work.

View attachment 8124
Thank you for sharing this information. I have worked in the IT sector my entire career and I wasn’t aware of this Pegasus malware and how invasive it is. Just like the Stuxnet malware that the US & Israelis used to disable the Iranian nuclear centrifuges, but ended up getting out and into the hands of hackers & foreign adversaries, Pegasus will be used by bad actors with very bad intent. And this is all because of the arrogance & incompetence of white American & Israeli tech bros.