Aug 02 2022

Pegasus is listening

Category: SpywareDISC @ 1:55 pm
Pegasus is listening: Q&A with Paul Rusesabagina’s daughter Carine Kanimba

Pegasus is listening: Q&A with Paul Rusesabagina’s daughter Carine Kanimba

You may not recognize the name Carine Kanimba, but you have probably heard of her dad: Paul Rusesabagina. He was the manager of Hôtel des Milles Collines and rather famously decided to shelter some 1,200 mostly Tutsi Rwandans in his hotel during the 1994 genocide in Rwanda. Don Cheadle played him in the movie Hotel Rwanda.

After, Rusesabagina became a superstar ambassador of human rights. He wrote an autobiography about his work during the genocide; President George W. Bush awarded him the Medal of Freedom; and he went on the speakers’ circuit not just talking about 1994 – but criticizing the current government of President Paul Kagame for trampling on human rights.

In August 2020, Rusesabagina boarded a private jet for what he thought would be a trip to Burundi, but instead he was rendered to Rwanda. He’s since been sentenced to 25-years in prison.

Carine Kanimba was on Capitol Hill last week to talk not just about her dad (who adopted sisters Carine and AnaĂŻse shortly after the genocide), but also her recent discovery that she’s been targeted by a commercial spyware program called Pegasus. And she believes the Rwandan government was behind it.

Pegasus spyware is the brainchild of an Israeli company called NSO Group and it has been found on the phones of so many activists around the world it has become a kind of cautionary tale about the commercial spyware industry. It has been linked to the murder of journalist Jamal Khashoggi, discovered on the phones of Mexican opposition leadersCatalonian politicians, and journalists and lawyers around the world. (In a statement, NSO Group told Click Here that it “thoroughly investigates any claim for illegal use of its technology by customers, and terminates contracts when illegal use is found.”)

The Click Here podcast sat down with Kanimba shortly after her Congressional testimony to talk to her about her role as a human rights advocate, what it is like finding oneself on the receiving end of a spyware campaign, and why she is confident she will win her father’s release. The interview has been edited and shortened for clarity.

CLICK HERE: We wanted to start by saying we’re very sorry about what you’re going through with your father…

For complete interview – Pegasus is listening: Q&A with Paul Rusesabagina’s daughter Carine Kanimba

Pegasus: How a Spy in Your Pocket Threatens the End of Privacy, Dignity, and Democracy

Tags: A Privacy Killer, NSO’s Pegasus, Pegasus, Pegasus spyware

Jun 23 2022

NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries

Category: Cyber Spy,SpywareDISC @ 8:23 am
NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries.

The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

NSO Group’s General Counsel Chaim Gelfand admitted that the company had “made mistakes,” but that after the abuses of its software made the headlines it has canceled several contracts.

“We’re trying to do the right thing and that’s more than other companies working in the industry,” Gelfand told members of the PEGA committee. “Every customer we sell to, we do due diligence on in advance in order to assess the rule of law in that country. But working on publicly available information is never going to be enough.”

In April, the Parliament set up a new inquiry committee investigating the use of Pegaus spyware and equivalent surveillance software used to spy of phones belonging to politicians, diplomats, and civil society members. The spyware was used to target several European leaders, including Spain’s Prime Minister Pedro Sánchez, and Spanish political groups, Hungary, and Poland.

NSO Group

In February, the European Data Protection Supervisor (EDPS) authority called for a ban on the development and the use of surveillance software like the Pegasus spyware in the EU.

The abuse of this kind of solution poses a serious threat to fundamental rights, particularly on the rights to privacy and data protection. 

“It comes from the EDPS’ conviction that the use of Pegasus might lead to an unprecedented level of intrusiveness, which threatens the essence of the right to privacy, as the spyware is able to interfere with the most intimate aspects of our daily lives.” states the European Data Protection Supervisor (EDPS). 

“Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very essence of our fundamental rights, in particular the right to privacy.”

Privacy advocated and cybersecurity experts demonstrated the use of the Pegasus in surveillance campaigns worldwide targeting journalists, political figures, dissidents, and activists.

The bad news is that the business of digital surveillance is growing in scaring and uncontrolled way. Recently, experts spotted other surveillance malware infecting systems worldwide, such as the HERMIT spyware that was linked to an Italian firm.

If you want to read more info on the Pegasus spyware give a look at a report investigating Pegasus spyware impacts on human rights has been launched by the Council of Europe on the occasion of the summer session of the Parliamentary Assembly.

The report was prepared by the Information Society Department with contributions from Tamar Kaldani the former Personal Data Protection Inspector and the State Inspector of Georgia, currently serving as the first Vice-chair of the Consultative Committee of Convention 108 and Zeev Prokopets – an Israeli executive, product designer, software developer and entrepreneur.

“An investigation report released by a global consortium26 revealed that 200 journalists worldwide had been targeted using Pegasus spyware. The Office of the UN Special Rapporteur for Freedom of Expression also noted the number of victims of attempted spying through Pegasus, including Mexican journalists, human rights defenders and opposition leaders.27 “The numbers vividly show the abuse is widespread, placing journalists’ lives, those of their families and associates in danger, undermining freedom of the press and shutting down critical media,” – said Secretary-general of Amnesty International.” concludes the report. “The right to freedom of expression and information, as guaranteed by Article 10 of the Convention, constitutes one of the essential foundations of a democratic society and one of the basic conditions for its progress and the development of every individual.”

And it’s like, what … 12, 13,000 total targets a year max, exec says

Pegasus Spyware – ‘A Privacy Killer’ 

DISC InfoSec

#InfoSecTools and #InfoSectraining

#InfoSecLatestTitles

#InfoSecServices

Tags: A Privacy Killer, NSO Group, Pegasus spyware

Dec 20 2021

Pegasus: Google reveals how the sophisticated spyware hacked into iPhones without user’s knowledge

Category: Backdoor,Cyber crime,Cyber Espionage,Cyber Spy,Cyber surveillance,Cyberweapons,Hacking,Malware,SpywareDISC @ 11:33 am
  • Pegasus spyware was allegedly used by governments to spy upon prominent journalists, politicians and activists.
  • A Google blog has revealed how the sophisticated software was used to attack iPhone users.
  • The software used a vulnerability in iMessages to hack into iPhones without the user’s knowledge.

The Pegasus spyware, developed by Israel’s NSO group, made headlines for being used by governments and regimes across the world including India to spy on journalists, activists, opposition leaders, ministers, lawyers and others. The spyware is accused of hacking into the phones of at least 180 journalists around the world, of which 40 are notable Indian personalities.

Now, a Google blog from the Project Zero team called the attacks technically sophisticated exploits and assessed the software to have capabilities rivalling spywares previously thought to be accessible to only a handful of nations.

The company has also faced multiple lawsuits including one in India where the Supreme Court (SC) set up a three-member panel headed by former SC judge RV Raveendran to probe whether the software was used by the government to spy on journalists and other dissidents.

Apart from India, Apple has also sued the Israeli firm after having patched its security exploit. The company was also banned in the United States after the details of the spyware were revealed. Let’s take a look at how this advanced snooping technology discretely worked on iPhones.

How Pegasus hacked iPhones

According to the Project Zero blog, a sample of the ForcedEntry exploit was worked upon by the team and Apple’s Security Engineering and Architecture (SEAR) group. Pegasus attacks on iPhones were possible due to the ForcedEntry exploit.

Best iPhone in 2021: Which model is right for you? | ZDNet

Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple ‘ s iOS & Google ‘ s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to ” vetted governments ” for ” lawful interception ” , which is understood to mean combating terrorism and organized crime, as the firm claims, but suspicions exist that it is availed for other purposes. Pegasus is a modular malware that can initiate total surveillance on the targeted device, as per a report by digital security company Kaspersky. It installs the necessary modules to read the user’s messages and mail, listen to calls, send back the browser history and more, which basically means taking control of nearly all aspects of your digital life. It can even listen in to encrypted audio and text files on your device that makes all the data on your device up for grabs.

Tags: A Privacy Killer, hacked iphone, NSO Group, Pegasus spyware