Wednesday, July 21, 2021

What does Pegasus Spyware do? Don’t Overthink


Did you imagine some super spy software that tracks you even when your mobile's internet or data connection is off?
According to the software’s description on the NSO Group’s website, the Pegasus spyware is capable of complete data extraction from the victim’s phone.

What makes this software worse is that it can be used for remote and stealth monitoring, without the victim even realising that they are being watched. The NSO Group’s website notes that the spyware can extract data remotely via untraceable commands. The Pegasus spyware could essentially make it unnecessary to have physical access to a device to spy on victims.



For instance, iPhones, which are usually touted for being secure, reportedly have a gaping security issue in iMessage that allows remote access and duplication of data.

But if you are a common man, please don’t overthink all of the above. Operating this day in, day out requires cash to be burnt, and if you are a common man like me, no government is going to spend that on you. So chill.
DON'T OVERTHINK


How to check if your mobile has PEGASUS 

Amnesty International has developed the Mobile Verification Toolkit (MVT), a tool that helps users identify whether their phone has been hacked by Pegasus spyware. It works with both Android and iOS devices, although Amnesty said that more forensic traces were found on iPhones than on Android devices, which makes Pegasus easier to detect on iPhones.

MVT requires at least Python 3.6 to run on the system. macOS users need to have Xcode and Homebrew installed as well. If you want to view forensic traces on an Android device, you'll also need to install certain dependencies.

Users have to back up their phone data so that MVT can decrypt the files stored locally on the phone and look for traces of Pegasus. In the case of a jailbroken iPhone, a full file system dump can also be used for analysis.

Once a backup is created, MVT uses indicators such as domain names and binaries to look for traces related to NSO's Pegasus. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy.
The code for the tool is also open source and is available on GitHub along with detailed documentation.
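
An added illustration (not MVT's own code and not from the original post) of the indicator-matching idea described above: records pulled from a backup are compared against known domain and process-name indicators. The indicator values, record fields and source names are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed placeholder indicators for illustration; NOT real Pegasus IoCs.
INDICATOR_DOMAINS = {"bad-infra.example", "cdn.tracker.example"}
INDICATOR_PROCESSES = {"fakehelperd"}

# Constructed records standing in for data parsed out of a phone backup.
SAMPLE_RECORDS = [
    {"source": "browser_history", "timestamp": "2021-07-01T10:02:11",
     "url": "https://news.example.org/article"},
    {"source": "browser_history", "timestamp": "2021-07-01T10:02:14",
     "url": "https://x7.bad-infra.example:30495/a?id=1"},
    {"source": "sms_links", "timestamp": "2021-07-02T08:15:00",
     "url": "http://notbad-infra.example/login"},
    {"source": "process_log", "timestamp": "2021-07-02T08:15:09",
     "process": "fakehelperd"},
    {"source": "process_log", "timestamp": "2021-07-02T08:16:40",
     "process": "mediaserverd"},
]


def host_matches(host, indicators):
    """Return the indicator equal to host or a parent domain of it, else None."""
    labels = host.lower().rstrip(".").split(".")
    # Compare on label boundaries so "notbad-infra.example" does not match
    # "bad-infra.example"; the bare top-level label is never tested.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in indicators:
            return candidate
    return None


def scan(records):
    """Return (source, timestamp, indicator) for every record that matches."""
    hits = []
    for rec in records:
        if "url" in rec:
            host = urlsplit(rec["url"]).hostname or ""
            ioc = host_matches(host, INDICATOR_DOMAINS)
        else:
            name = rec.get("process", "")
            ioc = name if name in INDICATOR_PROCESSES else None
        if ioc:
            hits.append((rec["source"], rec["timestamp"], ioc))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_RECORDS):
        print("MATCH", *hit)
```

Matching on whole domain labels rather than substrings is what keeps a look-alike hostname from producing a false positive, while subdomains of an indicator are still caught.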

Pegasus has been termed the most sophisticated hacking software available today for intruding into phones. The NSO Group has, time and again, claimed that it does not hold responsibility in case of misuse of the Pegasus software. The group claims that it only sells the tool to vetted governments and not to individuals or any other entities.

Monday, July 19, 2021

How to Pay Ransom During a Ransomware Attack on Your Company?

How to Pay Ransom during a Ransomware cyber attack in India?

The demand for ransom is illegal under the IPC, but the payment is not. If business exigencies require it, ransom may have to be paid under duress. Even Section 37 of the Income Tax Act in India will not come in the way of a claim for deduction of ransom money. See Commissioner of Income Tax vs M/s Khemchand Motilal Jain (Madhya Pradesh High Court, 2011).

There are also companies that swoop in at the last minute to handle the logistics. Companies like CyberSecOp and DigitalMint are full-service, final-mile crypto brokers. They are at the end of the process.

They are hired specialists, brought in after the forensic consultants, the company, and the stakeholders have all determined that the victim has exhausted all options and that paying the ransom is, from an economics perspective, the best way to move forward. That’s when victims come to companies like CyberSecOp and DigitalMint to help them acquire crypto at any time of day or night.

In the space of 30 to 60 minutes from initial contact, these companies are able to make the ransom payment for the victim. This includes vetting the hacker to make sure they aren’t tied to a U.S.-sanctioned country and going on the open market, order books and exchanges to acquire the cryptocurrency needed to pay the ransom.

They say that 90% to 95% of ransoms are paid in bitcoin, but monero is an increasingly popular option. Monero is considered more of a privacy token and allows cybercriminals greater freedom from some of the tracking tools and mechanisms that the bitcoin blockchain brings.

Since January 2020, DigitalMint alone has facilitated more than $100 million in ransomware settlements with a median payment of $800,000.

Last year, crypto ransomware payments overall more than quadrupled from 2019 levels to $350 million, according to Chainalysis. That figure is likely understated, and the true number may be closer to $1 billion.

In April, a task force including Amazon Web Services, Microsoft, the FBI and the Secret Service, among others, delivered recommendations to the White House on how to fight the ransomware threat. On the question of whether to ban payments to attackers, the group of more than 60 members was split.

Part of the problem is that the threat actors are getting greedy at pricing their ransom demands. 

If they ask for too much, forensics goes through their feasibility studies and says, ‘Well, that’s too much. Let’s just rebuild our systems, take a risk, and not pay for it.’

At a certain point, it is more economically viable to just pay the ransom rather than hemorrhaging cash due to paralyzed operations.

Bitcoin is the most popular currency demanded by ransomware attackers, but other cryptocurrencies they have dictated include Ethereum, Zcash, and Monero.

Other methods
The first step is to contact your organization's bank to determine whether they transfer funds to a cryptocurrency exchange, and whether there are any limits.
Then set up an account with a cryptocurrency exchange such as CoinDCX or WazirX, or on Coinbase, which is FDIC-insured for up to $250,000 held in US currency in a custodial account. Once the US dollars are exchanged for digital currency, Coinbase insures the digital currency should its system be breached, but does not insure against the breach of an individual account, according to its website.
Once you create a cryptocurrency exchange account, have your bank transfer/wire its government-issued currency into the wallet or custodial account. From there, you can purchase some cryptocurrency to hold in a digital wallet or custodial Coinbase account.
But you may want to think twice before buying and holding cryptocurrency in custodial accounts because the value of this currency can be highly volatile. 
To seed a cryptocurrency exchange account or Coinbase account in advance of any ransomware attack, you must open an account with one of the cryptocurrency companies such as Bitcoin, Zcash, Ethereum, or Monero.

For Small Ransom Payments, Go to a Bitcoin ATM
Using a Bitcoin ATM is faster than purchasing Bitcoins online, says Neal Conner, a customer service manager for Bitcoin ATM manufacturer Lamassu, which has 300 machines across the globe through independent operators.

These ATMs are cash-based; no [credit or debit] cards or bank accounts are required. If you're buying online, they certainly are required by the brokerage or exchange you are purchasing from. With online methods of purchasing Bitcoins, most users have to go through registration, verification, and linking of credit cards or bank accounts, a cumbersome process, especially if you have cash and just want Bitcoin immediately.

First, download a Bitcoin mobile wallet app from the Bitcoin site for your Android or iOS phone.

The wallet allows you to access one of the growing network of Bitcoin ATMs, such as Coinucopia. The Bitcoin wallet app for Android or Breadwallet for the iPhone, for example, works with this particular ATM. Next, download an app for reading QR codes. The ATM reads the wallet information via its QR code displayed on the phone.

The Coinucopia ATM can accept a minimum of $5 to a maximum of $3,000 per transaction, which will then be converted into Bitcoin and loaded onto the phone's Bitcoin wallet. The maximum daily amount that can be purchased for a Bitcoin wallet account is $10,000.

Once the money is loaded onto the digital wallet, the ransomware address can be entered onto your smartphone and the payment sent.

Pay via an Online Cryptocurrency Account
If just a limited number of machines or devices are hit with ransomware, online payment may be a good option.

The decision to use an online cryptocurrency service versus a Bitcoin ATM largely depends on the comfort level of the person handling the transaction.
Depending on the cryptocurrency exchange service, a cap generally exists on the amount of Bitcoin, Monero, or other type of cryptocurrency that can be purchased per transaction.
For example, a cap of $5,000 per transaction to purchase Bitcoin or to convert Bitcoin to Monero would require you to execute the purchase process 14 times if you have 50 computers and devices infected with ransomware and a ransom demand of $1,400 per machine. That would total a $70,000 purchase in digital currency, and potentially exceed the daily allotment per account that is available.
Depending on the type of cryptocurrency the attacker demands - Bitcoin, Monero, Zcash, or Ethereum - the type of account you would need to get and the number of services differ.
If a ransom demand is in Monero, for example, you need a Monero digital wallet. Additionally, you need to sign up for a digital currency converter service such as ShapeShift, because a number of cryptocurrency exchanges do not accept Monero directly, Spagni explains. You would also need to sign up for a cryptocurrency exchange to purchase the Bitcoin, which would then be converted to Monero using ShapeShift.
Signing up for a digital wallet, a cryptocurrency exchange, and a digital currency converter service can make a transaction take longer to execute than using a Bitcoin ATM.

Final Advice
Try to Convince Decision Makers Not to Pay the Ransom
Don't give up hope that your CEO or board of directors will have a change of heart and give up on paying the ransom.
Tell them the main reason not to pay: it doesn't necessarily guarantee access to the locked files. Sometimes even the cybercriminals don't know the decryption key, because the ransomware seller never sold the decryption key to the cybercriminal.
Sane advice: Don't pay the ransom. Once you do, they may keep coming back for more. It's like kidnapping. The other thing is that if other cybercriminals in this space know you pay, then they, too, will hit you up next.






Wednesday, July 14, 2021

Legal status of cryptocurrency in India


What's the legal status of cryptocurrency or Digital currency in India?

As of July 2021, cryptocurrencies are not illegal in India. So if you want to buy, let's say, Bitcoins, you can do so and start trading in them. However, India does not have a regulatory framework to govern cryptocurrencies as of now. The government constituted an Inter-Ministerial Committee (IMC) on November 2, 2017, to study virtual currencies. The Group's report, along with a Draft Bill, flagged the positive aspects of distributed-ledger technology and suggested various applications for its use in India, especially in financial services, including banks and other financial firms.

However, the Centre had flagged reservations around its misuse and wanted to impose a blanket ban in India. Latest reports say cryptocurrency may not face a complete ban in India. The Centre may soon set up a panel to regulate them. The decision was taken after several cryptocurrency exchanges urged the Centre to regulate virtual coins rather than ban them. Cryptocurrency, as a medium of payment, has neither been authorized nor regulated by any central authority in India. Further, no set rules, regulations or guidelines have been laid down for resolving disputes that could arise while dealing with bitcoins. Hence, cryptocurrency transactions come with their own set of risks.

You should also know that the government said in January 2021 that it will introduce a bill to create a sovereign digital currency and simultaneously ban all private cryptocurrencies.

  • “The bill seeks to prohibit all private cryptocurrencies in India. However, it would allow certain exceptions to promote the underlying technology of cryptocurrency and its uses,” the government says.

What’s the Road Ahead for cryptocurrency or digital currency in India ?

While the government has some reservations regarding cryptocurrencies, it is also working on its digital currency. The government does not want to be left behind in the new age tech revolution and aims to cash in on the benefits blockchain technology offers. "The time has come to leverage its applications while at the same time strengthening the digital infrastructure," Reserve Bank of India (RBI) Governor Shaktikanta Das had said in February 2021 while announcing that RBI is working on its digital currency. 

Is cryptocurrency taxable currently?

Yes. Cryptocurrency transactions are taxable in India in cases where the person earning such gains is an Indian tax resident or where the crypto is said to be domiciled in India. The income tax authorities may choose to tax the gains from bitcoins under the head “Income from other sources”. Further, if the income gets taxed under “Income from other sources”, the taxpayer would have to pay taxes at the rate applicable to the tax slab he falls under. For example, if his taxable income exceeds Rs 10 lakh, he would be liable to tax at 30%.

Cryptocurrency once faced an implied ban in India.

The RBI, through a circular in April 2018, had advised all entities regulated by it not to deal in virtual currencies or provide services for facilitating any person or entity in dealing with or settling them. 

In 2018, the finance ministry had also issued a statement, saying "the government does not consider cryptocurrencies as legal tender or coin and will take all measures to eliminate the use of these crypto-assets in financing illegitimate activities or a part of the payment system. The government will explore the use of blockchain technology proactively for assuring in the digital economy."

In mid-2019, a government committee had suggested banning all private cryptocurrencies, with a jail term of up to 10 years as well as heavy penalties for anyone dealing in digital currencies. However, the Supreme Court in March 2020 overturned RBI's circular, permitting banks to handle cryptocurrency transactions from traders and exchanges.

Conclusion:

In India, despite government threats of a ban, transaction volumes are swelling and 8 million investors now hold 100 billion rupees ($1.4 billion) in crypto-investments, according to industry estimates. I feel the Government would give six months' lead time to liquidate cryptocurrency before banning it, if it decides so. Please do pay your taxes on your cryptocurrency holdings or you may be vilified in the Government books.

FIR : All you want to know about in a criminal case

FIR - What is?  The first information report is a report giving information of the commission of a cognizable crime,  which may be made by t...