NSO Pegasus Malware - How Governments spy on any phone
Intro
-------
Pegasus is spyware developed by NSO Group and is sold to Governments across the globe to conduct eavesdropping missions. The malware has been well documented by journalists due to its apparent misuse by some Governments, and in July 2021 Forbidden Stories revealed they had obtained a list of 50k potential targets of the spyware.
In this video I give an overview of Pegasus and the NSO Group behind it, some techniques to analyse "alleged" Pegasus malware samples - and share my opinions on why most samples are probably not what they seem. Finally I provide a rather unique insight into what I believe to be an ongoing malicious campaign to distribute this malware through popular messaging apps like Telegram and WhatsApp.
Further Research
---------------------------
Throughout the video I mention a supporting document with additional details and further analysis. You can access that here:
https://docs.google.com/document/d/1eK-UrzBNHCaFiHuK6RjbeGDJOVTFy5pztmQ0d2bqT2Y/
Timestamps
--------------------
00:00 - Intro
00:48 - Backstory to NSO and Pegasus
02:38 - Trident & Megalodon
05:23 - Malware Analysis
15:31 - The most likely Pegasus sample
22:52 - Threat Intelligence
26:25 - Summary & Thanks!
Like & Subscribe
--------------------------
If you liked the video, hit the thumbs up. If you loved it, please subscribe; it really does help support this channel.
Follow & Support
---------------------------
I'm active on https://twitter.com/cybercdh - I'd be pleased to see you there
Also you can support this channel at https://patreon.com/cybercdh and many thanks to all that have pledged so far, you are amazing.
Take care, peace out.
Colin
@cybercdh