New Delhi, July 19: The Pegasus developed by Israeli cybersecurity firm NSO Group, spying scandal is back in headlines.
An international media consortium reported on Sunday that over 300 verified mobile phone numbers, including of two ministers, over 40 journalists, three opposition leaders besides scores of business persons and activists in India could have been targeted for hacking through the spyware.
While Pegasus is technically a very sophisticated form of hacking and is unlikely to be used to snoop into ordinary citizens, there are several other tools that are used to target common netizend and mobile users. From missed calls to hijacking public Wi-Fi, there are some fairly easy way to hack into a user's smartphone:
Missed calls
Via Missed calls, Pegasus can target a phone.In May 2019, a vulnerability discovered in Facebook's WhatsApp messaging app was reportedly being exploited to inject commercial spyware onto Android and iOS phones by simply calling the target. The spyware developed can be installed without trace and without the target answering the call, according to security researchers and was confirmed by WhatsApp.
Fake apps
Hackers usually create fake apps imitating a popular app, and embed it with spyware or other malware. A majority of these apps are found on third-party app stores, on social media, as pop-up ads on the internet, or sometimes, hackers target users via messages and links on websites.
Whatsapp, emails and SMS
This is another popular technique used by hackers. These links or attachments are sent via emails or text messages on SMS, WhatsApp or other messaging platforms. Once a user click on these links, they inject a software or a virus that can take your personal information or take control of your device.
SIM card swap
SIM card swapping or a SIM hijack isn't exactly the easiest ways of hacking smartphone data, but it is becoming increasingly popular.
This method enables a hacker to trick a mobile carrier into transferring a number to them, potentially leading to the user losing control over their social media accounts, banking apps and other sensitive logins and data. Essentially, any service that uses an OTP for authentication can be compromised by this method, making it very dangerous. Remember: your Aadhar authentication also happens via OTP.
Bluetooth
Bluetooth file transfer from someone you don't know. This is typically viral malware from another infected phone, trying to dump its payload into your device. Never accept unsolicited Bluetooth file transfers.
