
Pegasus: The Threat against Mobile Devices


In August, Lookout and Citizen Lab discovered something striking: an attack was being carried out on Apple iOS.

The malware, called Pegasus, allowed attackers to “jailbreak” an iOS device, gathering data ranging from pictures to text messages to email. Created by NSO Group, the spyware relied on several unknown flaws in Apple’s iOS. Pegasus tricked people into clicking on a link sent to them via text. After clicking the link, the malware essentially had access to everything on the device.

Pegasus was discovered after activist Ahmed Mansoor, previously the victim of multiple hacks, received suspicious text messages and alerted Citizen Lab. After examining the links, Citizen Lab, working with Lookout, realized the spyware would have taken over Mansoor’s entire phone had he clicked the link.

The sophistication of this malware is unprecedented; its ability to fully take over a device shows how critical it is that all enterprises pay attention to these threats and take steps to detect and remediate infected mobile devices.


Protect Against Pegasus

There are four key steps Lookout recommends to protect against Pegasus:

  1. Update iPhones to iOS 9.3.5: This update closes a series of loopholes the Pegasus software used.
  2. Find out if any high-value assets were attacked: Pegasus is a high-severity threat, but due to its cost and sophistication, it would most likely target only “high-value” individuals (CEO, CIO, CFO, HR, etc.).
  3. Don’t back up an infected device: This may trigger Pegasus’ self-destruct mechanism, causing the device to be wiped clean and therefore making it impossible to forensically investigate.
  4. Do not wipe the device: Again, this may trigger the malware’s self-destruct mechanism.
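
As an added illustration of steps 1 and 2 (not code from Lookout or from the original article), the script below triages a device inventory for iOS devices still below 9.3.5 and lists high-value owners first. The CSV column names, device IDs and sample rows are constructed assumptions about an MDM export; an outdated version shows only that a device is unpatched, not that it is infected.

```python
import csv
import io

PATCHED = (9, 3, 5)  # iOS release the article says closes the flaws Pegasus used
HIGH_VALUE_ROLES = {"CEO", "CIO", "CFO", "HR"}  # roles the article names

# Constructed sample inventory (hypothetical MDM export format).
SAMPLE_INVENTORY = """device_id,owner_role,platform,os_version
D-001,CEO,iOS,9.3.4
D-002,Engineer,iOS,9.3.5
D-003,HR,iOS,9.2
D-004,CFO,Android,6.0.1
D-005,Analyst,iOS,9.3.3
D-006,CIO,iOS,10.0
D-007,Engineer,iOS,unknown
"""

def parse_version(text):
    """Return a 3-tuple of ints, padding '9.3' to (9, 3, 0); None if unparsable."""
    parts = text.strip().split(".")
    if len(parts) > 3 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

def triage(inventory_csv):
    """List iOS devices that still need the update, high-value owners first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["platform"].strip().lower() != "ios":
            continue  # the 9.3.5 advice applies to iOS only
        version = parse_version(row["os_version"])
        if version is not None and version >= PATCHED:
            continue  # already on 9.3.5 or later
        findings.append({
            "device_id": row["device_id"],
            "high_value": row["owner_role"].strip().upper() in HIGH_VALUE_ROLES,
            # Unparsable versions are kept for manual review, not assumed safe.
            "reason": "unknown version" if version is None else "below 9.3.5",
        })
    # Stable sort: high-value owners first, inventory order otherwise.
    findings.sort(key=lambda f: not f["high_value"])
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f["device_id"], "HIGH-VALUE" if f["high_value"] else "standard", f["reason"])
```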

Guard Against Potential Intrusions

In light of Pegasus, it has become evident once again that mobile devices are just as susceptible to cyberattacks as any other technology, and with the influence of BYOD in government, personal mobile devices that carry agency data are especially vulnerable. In fact, 15% of all apps leak sensitive data over their network and almost half of all apps have at least one high-risk security flaw.

To decrease the likelihood of an attack on a mobile device, agencies should give employees enrolled in a BYOD program the following tips:

  1. Don’t log in to unknown Wi-Fi networks.
  2. Update apps and install the latest operating systems.
  3. Set up a simple firewall on mobile devices.
  4. Turn off Bluetooth and location services when they’re not in use.

While cyberattacks can be extremely damaging to mobile devices, they can be prevented. Following these simple steps can guard a device against malware and viruses that lead to leaked information and personal data.

To learn more about how Lookout is protecting mobile endpoints, download this overview. For more on how to defend your team against Pegasus, check out this on-demand webinar from Lookout.
