Context

Recently, Apple issued alerts to iPhone users in 92 countries including India,cautioning them from mercenary spyware attacks including Pegasus.

• In October 2023, similar warnings were dispatched to politicians across various Indian political parties, hinting at the potential state-sponsored spyware attack on iPhones.

Enroll now for UPSC Online Course

Difference Between Malware and Spyware

• Malware, short for “malicious software,” includes viruses and spyware that can steal personal information, send spam, and commit fraud. 
  • Criminals use appealing websites, desirable downloads, and compelling stories to lure consumers to links that will download malware – especially on computers that don’t use adequate security software. 
• Spyware is one type of malware that can monitor or control your computer use. 
  • It may be used to send consumers pop-up ads, redirect their computers to unwanted websites, monitor their Internet surfing, or record their keystrokes, which, in turn, could lead to identity theft. 

Mercenary Spyware 

• Mercenary spyware is designed to remotely infiltrate and compromise smartphones, used to monitor movements and communications, steal private data, etc. and other devices without the knowledge or consent of the users. 
• These attacks are highly complex, targeting specific individuals with exceptional resources, surpassing regular cybercriminal activity and consumer malware. 
• They are difficult to detect and prevent due to their substantial investment and short lifespan. 
• In some cases, governments, intelligence agencies, and law enforcement bodies have reportedly bought mercenary spyware wherein political opponents, Activist, corporate espionage and financial fraud are often targeted.

Examples of Mercenary Spyware 

Companies producing mercenary spyware include the NSO Group, FinFisher, and Hacking Team. 

• NSO Group’s flagship spyware Pegasus, which has been bought by various governments, helps infiltrate devices remotely and access calls, emails, messages, and other files. 
• Finfisher’s products like FinSpy can capture keystrokes and access data besides activating microphones and cameras without permission. 
• The Hacking Team’s Galileo aka Remote Control System (RCS) also can capture keystrokes and record video calls besides accessing the camera and microphone.

Pegasus Spyware

• Pegasus is a spyware developed and marketed by Israeli cybersecurity firm NSO. 
• Pegasus has the ability to execute operator commands, and send back private data, passwords, contact lists, calendar events, text messages, and live voice calls.

Enroll now for UPSC Online Classes

DOWNLOAD PDF