Pegasus : OpSec | Torhoo darknet markets Torhoo!

2 points

3 months ago

Well first off it's a "State Sponsored" spyware. So if you ain't a threat to one you prob aint got it. However, a MVT, mobile verification tool kit, can scan for indicators of compromise. IOC's and you can find out if some government somewhere is keeping track of you

/u/xero 📢

1 points

3 months ago

Only MVT I'm aware of is one made by Amnesty. But that's only because it was mentioned in any article I've read about pegasus. Is that what I would need to use?

/u/erlingur

2 points

3 months ago

"So what's stopping the government from doing so?"

This is a theoretical question, and the answer is because once the technique is out they've used to infect the important people they are targeting, it gets patched. Then they have to invest millions of dollars to find another exploit, which may or may not exist. They do not have the capability to infect everyone, because it would greatly increase the detection surface.

In other words, reinstall your OS and take a breath. You are fine.

/u/xero 📢

1 points

3 months ago

Couldn't they just pay manufacturers to include it in their devices fresh out of the box? Or just pay them to not patch exploits?

/u/DPR_

1 points

3 months ago

They have no need to. First of all there are things thanks to the telacommunications act, all traffic is captured. I hope you aren't using a windows comp. Macs are almost as bad.

/u/pimp2go

2 points

3 months ago

There was a huge scandal a few years ago about this which exposed the fact there is NOTHING that is stopping them from spying on journalists, diplomats and anyone who is important or is a "threat" to the country. After this scandal, I suspect they have got even better at hiding traces of infection.

/u/xero 📢

1 points

3 months ago

What was the scandal?

/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴

1 points

3 months ago*

Pegasus and other government spyware tools reside in memory only and leave very few traces. These spywares are usually in full control of your device and can do what you can do, see what you can see and hear what you can hear.

These spywares consume CPU, memory and network resources and can therefore be detected. However, AFAIK no software are available to detect such spyware.

/u/xero 📢

1 points

3 months ago

So would a cyber security company stating they can check if a device had been infected by the spyware be a scam? I keep seeing mixed information on antivirus software being able to detect it.

Only thing I've really seen mentioned is a detection tool from Amnesty.

/u/erlingur

2 points

3 months ago

Rest assured, they are not targeting you unless you are an important journalist or other public figure. As a normal user of the DarkNet they will not waste their time.

/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴

1 points

3 months ago

You are right, there are cyber security companies that claim they can detect Pegasus and other spywares. I was referring to freeware and FOSS software. Please let us know if you seen such, there is a high interest in this.

/u/xero 📢

1 points

3 months ago

Only thing I know about is the amnesty MVT, but I take it that's not really what you're talking about?

/u/MrBacon420 P 🐖🌿⚗️420🌿🚬 🐷

1 points

3 months ago

So that's why my phone just heats up for no reason, right?

/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴

3 points

3 months ago

Make sure you turned of the location service, that eats battery and can hide the spyware.

When infected by a government spyware, usually your VPN app is disconnecting all the time. LE are careful and do not change VPN configuration, it would be to obvious. However, due to constantly listening the phone eats battery, but the models I have checked (Samsung, iPhone, ZTE, Motorola, and some more) does not go warm.

You also discover that calls starts to have small lag and usually you can only speak one way (not 2-way) due to that the sound is cut. Also, there are sometimes digital background noise.

In general the phone becomes "slow" and buttons jam often.

By restarting the phone everything is fine for a while (minutes to a day), this due to that the spyware is in memory and needs to be re-injected after restarts.

/u/Kwik-go

2 points

3 months ago

*Throws iphone 5 into ocean......

/u/DaVenom Made of Ⱡ₳₴ɆⱤ₴

1 points

3 months ago

Side comment: I also checked Pixel/GrapheneOS phones, after default installation everything seems to be good. I could not detect any deviations (I expected a Pegasus injection). However, after installing additional software things looked OK, but phone started to report WiFi errors when it tried to connect to hotspots without me activating this. This indicates that the WiFi-chip of some reason tries to connect automatically to specific hotspots.

/u/xero 📢

1 points

3 months ago

This is a big part of why I posted. I've been wanting to buy a pixel to use grapheneOS. But I'm paranoid about it actually being preloaded with spyware or it being used as is to collect data from anyone trying to be more private.

/u/Wrench10_

1 points

3 months ago

If you're not Osama Bill Aden, or in possession of nuclear weapon activation codes, relax the state isn't going to blow millions investigating you, hahaha.

So don't worry.

/u/asfaleia ⚔️ασφάλεια⚔️

1 points

3 months ago

With proper training and routine you can vastly minimize the impact of such attempts. First of all, don't be spotted, discovered, observed. This is what the OpSec is for.

On the digital side, have the IME disabled, rice the HW and get rid of mics and cameras, use properly riced Qubes and use it wisely.

/u/xero 📢

1 points

2 months ago

How do you disable it? I noticed some comments on here say it doesn't actually disable either.

/u/asfaleia ⚔️ασφάλεια⚔️

1 points

2 months ago

You open the laptop and directly wire the CPU with clips to an another secure laptop and disable it from there. Your CPU and motherboard architecture must allow this. It cannot be done on every CPU of course.