New Delhi: India and the United States, the world's two largest democratic nations, are preparing for intense elections this year. There is a significant risk of misinformation and espionage aimed at manipulating the democratic proceedings.



The online environment is increasingly susceptible to various threats as we undergo a complete transformation in the digital world. With malware being a persistent issue, both individuals and governments are constantly worried about cyber threats.


The Pegasus spyware stands out as especially troubling among these threats. Once a device is infected, it enables remote attackers to hack into the device, providing them with access to all data and effectively converting the device into a formidable surveillance tool.


Researchers at Kaspersky have introduced an innovative and efficient detection technique in the effort to safeguard users from advanced iOS spyware threats like Pegasus and its newer versions, Reign and Predator.


Leveraging an unexplored forensic artefact, namely the Shutdown.log file, the Global Research and Analysis Team (GReAT) at Kaspersky has devised an effortless method to recognize indicators of compromise. Furthermore, they have designed a user-friendly self-check tool that allows individuals to easily gauge their own vulnerability levels.


Pegasus infections can be detected through traces left in an unconventional system log known as Shutdown.log, as disclosed by Kaspersky's specialists. This log is situated within the sysdiagnose archive on any iOS device. Given that this archive accumulates data from each reboot, it serves as a crucial location for spotting irregularities indicative of Pegasus when an infected device undergoes a restart.


They observed instances of "sticky" processes, primarily attributed to Pegasus, which created difficulties during reboots. They also identified additional signs of spyware that align with observations made by other experts in the field.
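The "sticky" process check described above can be sketched as follows. This is an added example, not Kaspersky's tool: the line layout of Shutdown.log, the threshold of three delay notices, and every path and timestamp in the sample are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumed Shutdown.log line layout (not taken from the article).
DELAY_RE = re.compile(r"After ([\d.]+)s, these clients are still here:")
CLIENT_RE = re.compile(r"remaining client pid: (\d+) \((.+)\)")
REBOOT_RE = re.compile(r"SIGTERM: \[(\d+)\]")

# Constructed sample: two reboots, the second delayed four times by one process.
SAMPLE_LOG = """\
After 1.00s, these clients are still here:
\t\tremaining client pid: 101 (/usr/libexec/example_daemon)
SIGTERM: [1700000000] All buildings dead
After 1.00s, these clients are still here:
\t\tremaining client pid: 202 (/example/placeholder/sticky_proc)
\t\tremaining client pid: 203 (/usr/libexec/example_daemon)
After 2.00s, these clients are still here:
\t\tremaining client pid: 202 (/example/placeholder/sticky_proc)
After 3.00s, these clients are still here:
\t\tremaining client pid: 202 (/example/placeholder/sticky_proc)
After 4.00s, these clients are still here:
\t\tremaining client pid: 202 (/example/placeholder/sticky_proc)
SIGTERM: [1700086400] All buildings dead
"""

def parse_shutdown_log(text):
    """Group delay notices and lingering process paths by the reboot that ends them."""
    reboots, notices, paths = [], 0, Counter()
    for line in text.splitlines():
        if DELAY_RE.search(line):
            notices += 1
        elif (m := CLIENT_RE.search(line)):
            paths[m.group(2)] += 1
        elif (m := REBOOT_RE.search(line)):
            reboots.append({"time": int(m.group(1)), "notices": notices,
                            "clients": dict(paths)})
            notices, paths = 0, Counter()
    return reboots  # trailing lines without a closing SIGTERM entry are dropped

def flag_sticky(reboots, max_notices=3):
    """Report reboots with more delay notices than max_notices (assumed threshold),
    listing the processes that were still alive at every notice."""
    findings = []
    for r in reboots:
        if r["notices"] > max_notices:
            sticky = sorted(p for p, n in r["clients"].items() if n == r["notices"])
            findings.append((r["time"], r["notices"], sticky))
    return findings

if __name__ == "__main__":
    for when, count, procs in flag_sticky(parse_shutdown_log(SAMPLE_LOG)):
        print(f"reboot at {when}: {count} delay notices, sticky: {procs}")
```

A flagged reboot is a lead for further forensic review of the sysdiagnose archive, not proof of infection.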


To help users identify spyware on their devices, Kaspersky specialists have developed a free tool. This tool employs Python3 scripts to retrieve and examine the Shutdown.log file, and it is compatible with macOS, Windows, and Linux platforms. The tool is accessible on GitHub.


The experts emphasize that detecting and preventing spyware such as Pegasus can be challenging. However, users can adopt precautionary measures to increase the difficulty for potential attackers attempting to spy on them.


Kaspersky experts offer the following recommendations to enhance the protection of iOS devices against spyware:


-Restart Daily: According to some studies, Pegasus employs zero-click attacks that don't linger on the device. Daily restarts can eliminate the spyware, prompting attackers to retry and allowing detection.


-Activate Lockdown Mode: Apple's Lockdown Mode, as per certain reports, can prevent the infiltration of iOS malware.


-Disable iMessage and FaceTime: Attackers might exploit iMessage and FaceTime for zero-click attacks. Turn them off to reduce the risk of spyware infiltration.


-Keep Your Device Updated: Regularly install the latest iOS updates since some spyware exploits old vulnerabilities that get fixed with updates. Swift updates protect against attackers using outdated spyware.


-Be Cautious With Links: Avoid clicking on links in messages, as Pegasus users may utilize one-click attacks via SMS, email, or other apps.


-Monitor Backups and Sysdiags: Use tools like MVT and those provided by Kaspersky to scan backups and sysdiagnose files for indications of iOS malware.