Fear of Pegasus spyware is being exploited to carry out cyberattacks

October 12, 2021

Investigations have been conducted into the suspected use of Pegasus spyware to monitor civil rights agencies, government figures, and journalists all over the world, and the issue is now being used to operate a new wave of cyberattacks.

Pegasus is a spyware system built by NSO Group that can read text messages, track calls, and harvest information from devices in other ways. Initially, the spyware was offered as a tool to combat crime; however, recent reports suggest otherwise, with allegations that it has been used against activists, innocents, journalists, and politicians.

NSO Group has denied the investigations conducted by various media outlets into the misuse of Pegasus spyware. Apple, along with Citizen Lab, has patched a zero-day vulnerability used by Pegasus spyware.

Cybercriminals unrelated to Pegasus spyware take advantage of the issue to deploy other malware and conduct cyberattacks.

Threat actors not linked to the Pegasus spyware are trying to exploit the issue by offering people protection against harmful spyware surveillance. However, their only aim is to use other malware to furtively conduct waves of cyberattacks.

Security researchers reported on Thursday that some hackers have tried to pose as Amnesty International and even established a fake domain to imitate the authentic website of their target organization. The fake website directs individuals to an antivirus tool called ‘AVPegasus,’ which is claimed to protect devices from the Pegasus spyware.

In truth, the supposed antivirus is the Sarwent Remote Access Trojan (RAT), as revealed by security analysts.

The Sarwent Remote Access Trojan (RAT) is written in the Delphi programming language. Upon execution, it installs a backdoor on the target device. It takes control of the Remote Desktop Protocol (RDP) to establish a connection to a command-and-control (C2) server run by a threat actor. This malware can steal information and can be used to execute further cyberattacks.

Researchers say that this campaign focuses on individuals or groups fearful of being attacked by the Pegasus spyware. There is no evidence yet of state involvement in the issue. Instead, the cyberattacks may be motivated only by financial reasons.
