DailyPost 2716

Some mysteries get sorted out over a period of time, and some open up layer after layer. If the mystery is spyware, things are even worse. Spying on spyware cannot be easy. If the business and operations are strictly confidential, and at least one party is a government, then how do you even begin the journey to unravel the mystery? The Pegasus spyware has rocked the world many times over, and all stakeholders in this game are dedicated to keeping the whole story a black box. This has gone in their favor so far, but it seems to be changing now. It is not because of any change of heart, but because of a US court’s intervention.

The interesting facet is that this order was pronounced in the course of a legal battle between the NSO group and Meta. In this battle, which has been on since 2019, the order will have far-reaching consequences in the field of spyware and for those who exploit software vulnerabilities to further their own game. Handing over source code is something unheard of, and that is what a US judge ordered the NSO group, the developers of Pegasus, to do. The NSO group has now been ordered to hand over its Pegasus source code and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor.

When this controversy erupted in India, even the experts were at their wits’ end as to how Pegasus could compromise a mobile without the call even being received. The court battle is precisely on this issue. The lawsuit, filed in October 2019, was over the use of Meta infrastructure to distribute spyware to approximately 1,400 devices between April and May. These devices also included those of around two dozen Indian activists and journalists. How did these attacks, or mobile compromises, so to say, happen? “These attacks leveraged a then zero-day flaw in the instant messaging app (CVE-2019-3568, CVSS score 9.8), critical buffer overflow bug in the voice call functionality.”*

What came out of this zero-day flaw? Pegasus could be delivered by merely placing a call, even in scenarios where the call was left unanswered. What a magical capability! Make a call and you surreptitiously gain control of the mobile. It does not end here. The closing move of the game is even more fascinating. The “attack chain included steps to erase the incoming call information from the logs in an attempt to sidestep detection.” However precisely you cover your tracks, it is bound to come out sooner or later. The Court has asked the NSO group to “produce information concerning the full functionality of the relevant spyware”. The information must specifically cover the period from one year before the alleged attack to one year after the alleged attack.

Sanjay Sahay

Have a nice evening.
