NSO Pegasus Malware - How Governments spy on any phone
Intro
-------
Pegasus is spyware developed by NSO Group and is sold to Governments across the globe to conduct eavesdropping missions. The malware has been well documented by journalists due to its apparent mis-use by some Governments, and in July 2021 Forbidden Stories revealed they had obtained a list of 50k potential targets of the spyware.
In this video I give an over of Pegasus and NSO Group behind it, some techniques to analyse "alleged" Pegasus malware samples - and share my opinions on why most samples are probably not what they seem. Finally I provide a rather unique insight into what I believe to be an ongoing malicious campaign to distribute this malware through popular messagings apps like Telegram and WhatsApp.
Further Research
---------------------------
Throughout the video I mention a supporting document with additional details and further analysis. You can access that here:
https://docs.google.com/document/d/1eK-UrzBNHCaFiHuK6RjbeGDJOVTFy5pztmQ0d2bqT2Y/
Timestamps
--------------------
00:00 - Intro
00:48 - Backstory to NSO and Pegasus
02:38 - Trident & Megalodon
05:23 - Malware Analysis
15:31 - The most likely Pegasus sample
22:52 - Threat Intelligence
26:25 - Summary & Thanks!
Like & Subscribe
--------------------------
If you liked the video, hit the thumbs up. If you loved it, please subscribe, it really does help support this channel
Follow & Support
---------------------------
I'm active on https://twitter.com/cybercdh - I'd be pleased to see you there
Also you can support this channel at https://patreon.com/cybercdh and many thanks to all that have pledged so far, you are amazing.
Take care, peace out.
Colin
@cybercdh
Видео NSO Pegasus Malware - How Governments spy on any phone канала cybercdh
-------
Pegasus is spyware developed by NSO Group and is sold to Governments across the globe to conduct eavesdropping missions. The malware has been well documented by journalists due to its apparent mis-use by some Governments, and in July 2021 Forbidden Stories revealed they had obtained a list of 50k potential targets of the spyware.
In this video I give an over of Pegasus and NSO Group behind it, some techniques to analyse "alleged" Pegasus malware samples - and share my opinions on why most samples are probably not what they seem. Finally I provide a rather unique insight into what I believe to be an ongoing malicious campaign to distribute this malware through popular messagings apps like Telegram and WhatsApp.
Further Research
---------------------------
Throughout the video I mention a supporting document with additional details and further analysis. You can access that here:
https://docs.google.com/document/d/1eK-UrzBNHCaFiHuK6RjbeGDJOVTFy5pztmQ0d2bqT2Y/
Timestamps
--------------------
00:00 - Intro
00:48 - Backstory to NSO and Pegasus
02:38 - Trident & Megalodon
05:23 - Malware Analysis
15:31 - The most likely Pegasus sample
22:52 - Threat Intelligence
26:25 - Summary & Thanks!
Like & Subscribe
--------------------------
If you liked the video, hit the thumbs up. If you loved it, please subscribe, it really does help support this channel
Follow & Support
---------------------------
I'm active on https://twitter.com/cybercdh - I'd be pleased to see you there
Also you can support this channel at https://patreon.com/cybercdh and many thanks to all that have pledged so far, you are amazing.
Take care, peace out.
Colin
@cybercdh
Видео NSO Pegasus Malware - How Governments spy on any phone канала cybercdh
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
If Amber Heard did InfoSec
Detect, Hunt & Analyze Threats with INTEZER
Y2K22 - Why 2022 Broke Email
LOG4SHELL - A Zero Day you need to protect against TODAY
Was it Really North Korea? Tools and Techniques to Attribute Malware Campaigns to Nation States
Kaseya Ransomware Attack - 5 Key Insights into this Malware campaign
JavaScript Malware - How bad can it be?
Clubhouse Malware - Analysis of an Agent Tesla Infection Campaign
How to STEAL $1bn - A look at the Bangladesh Bank Heist
I bought a PHISHING website from the DARKWEB. Here's what I found...
25000 SUBSCRIBERS! A look back and forwards across the channel and my THANKS to YOU!!!!!
Cyber Defender REACTS to THEFT of Microsoft Exchange Server ZERO DAYS used by HAFNIUM
Remcos Config - Using RC4 to Get Command & Control from CyberChef
Building a Malware Lab - Software, Hardware, Tools and Tips for Effective Malware Analysis
Emotet is Dead
JNLP Dangers - Java Malware Detection & Analysis
The Truth About Phishing - Tools, Tactics and Techniques to Analyse Phishing & Protect Your Privacy
Zyxel Backdoor & A Known Plaintext Attack
SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell
SUNBURST SolarWinds RECON - Malware Reverse Engineering, OSINT and Identifying Victims