Cybersecurity Researchers at CloudSEK Warn About Widespread Use of Fake Pegasus Spyware on Dark Web Used by Hackers for Financial Gain
Cyber-security researchers on Thursday warned about the widespread misuse of fake Pegasus spyware on the Dark Web where hackers are leveraging the name of Pegasus for financial gains.
New Delhi, May 23: Cyber-security researchers on Thursday warned about the widespread misuse of fake Pegasus spyware on the Dark Web where hackers are leveraging the name of Pegasus for financial gains. Following Apple's recent notification to users in 92 countries about a ‘mercenary spyware’ attack, homegrown cybersecurity firm CloudSEK carried out an in-depth investigation. They found a widespread misuse of Israel-based company NSO’s Pegasus spyware's name.
The findings serve “as an advisory against scammers and threat actors who are exploiting the growing recognition of NSO Group's renowned product, Pegasus, for their fraudulent purposes,” the researchers noted. The researchers analysed approximately 25,000 posts on Telegram, many of which claimed to sell authentic Pegasus source code. “These posts followed a common template offering illicit services, with Pegasus and NSO tools frequently mentioned,” the team mentioned. Cybercrime Surge in India: Over 7,000 Daily Complaints in 2024, Key Locations Identified in Southeast Asia.
By interacting with over 150 potential sellers, CloudSEK gained insights into various samples and indicators shared by these actors. This included purported Pegasus source code, live demonstrations, file structures, and snapshots. “Similar misuse was observed on surface web code-sharing platforms, where actors disseminated randomly generated source codes falsely associated with Pegasus,” said researchers. Scarlett Johansson ‘Shocked’ and ‘Angered’ To See OpenAI Using Voice Similar to Hers After She Turned Down Request To Lend Her Voice to ChatGPT.
After analysing 15 samples and over 30 indicators from human intelligence (HUMINT), deep, and dark web sources, the team discovered that nearly all samples were “fraudulent and ineffective”. Threat actors created their own tools and scripts, distributing them under Pegasus' name to capitalise on its notoriety for financial gain, the report said.
(The above story first appeared on LatestLY on May 23, 2024 11:56 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).