Beware of Pegasus Spyware Attacks!

It is generally believed that it is not possible to completely protect yourself from professional surveillance software, or spyware. While it may be very difficult to prevent successful exploits and infections of mobile devices, users can still take certain actions that make it harder for attackers to target them. According to the official Kaspersky broadcast, it is mostly journalists, politicians, human rights advocates, lawyers and public activists who are increasingly becoming the main targets of malicious spyware. That's why Costin Raiu, Head of Kaspersky's Global Research and Analysis Team (GReAT), has put together a collection of recommendations on how Android and iOS users can protect their devices from Pegasus and other high-level mobile malware. Pegasus, Chrysaor, Phantom, and others are so-called "legal surveillance software," developed by private companies and widely deployed through a variety of exploits, including several iOS zero-click zero-days.

"The earliest version of Pegasus was captured by researchers in 2016. Since then, more than 30,000 human rights activists, journalists and lawyers around the world may have been the target of Pegasus attacks," said Costin Raiu.

Here are Kaspersky's suggestions for improving defense against sophisticated mobile malware attacks:

1. First of all, it is important to reboot the mobile device every day. Rebooting helps clean the device, which means attackers will have to constantly reinstall Pegasus on it. That makes it highly likely that the infection will eventually be detected by security solutions.

2. Keep mobile devices up to date and install the latest patches as soon as they come out. Many of the exploits target vulnerabilities that have already been patched, but they remain dangerous for those running older phones or delaying updates.

3. Never click on a link received in a message. This is a simple but effective suggestion. Some Pegasus customers rely more on 1-click exploits than zero-click ones. These arrive as messages, sometimes via SMS, but they can also come through other messengers or even email. If you receive an interesting SMS (or a message via another messenger) with a link, open it on a desktop computer, preferably using the Tor Browser, or better yet a secure non-persistent OS like Tails.

4. Also, don't forget to use an alternative web browser for web searches. Certain exploits don't work well in alternative browsers like Firefox Focus when compared to more traditional browsers like Safari or Google Chrome.

5. Always use a VPN; doing so makes it harder for attackers to target users based on their internet traffic. When you're about to subscribe to a VPN, there are a few things to consider: look for a reliable service that has been around for a while, accepts payment in cryptocurrencies and doesn't require you to provide any registration info.

6. Install a security app that can check and warn if the device is jailbroken. In order to survive on the device, attackers using Pegasus will often resort to jailbreaking the targeted device. If users have a security solution installed, they will get a warning about the attack.

7. If you are an iOS user, periodically trigger sysdiags and save them to an external backup. Forensic artifacts can help alert you if you have been targeted. Kaspersky experts also recommend that at-risk iOS users disable FaceTime and iMessage. Because they are enabled by default, they have been a dangerous delivery mechanism for zero-click chains for years.

"In general, Pegasus attacks are highly targeted, meaning they don't infect people en masse but rather specific categories. Many journalists, lawyers and human rights activists have been identified as targets for these sophisticated cyberattacks, but they generally do not have the tools or knowledge to fortify defenses."

"Our mission is to make the world safer, therefore Kaspersky will do its best to provide the best protection techniques against malware, hackers and advanced threats like this," comments Costin Raiu.
