+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Researchers discover a fake anti-virus tool for Pegasus by hackers impersonating Amnesty International

Oct 1, 2021, 10:01 IST
Business Insider India
Hackers have created a fake website that offers an anti-virus tool against the spyware but it instead installs malware on the user’s device.Unsplash
  • There’s a fake Amnesty International website created to offer protection against the Pegasus spyware.
  • The anti-virus tool actually installs malware on the victim’s device.
  • The website and the anti-virus tool look quite legitimate which might fool quite a lot of people.
Advertisement
Hackers are impersonating Amnesty International through a fake website that promises to protect against the Pegasus spyware. This could actually mislead people as it was Amnesty that released a report on how the NSO Group’s Pegasus spyware was used to target international journalists and activists. The fake website offers an anti-virus tool against the spyware but it instead installs malware on the user’s device.

This malware called ‘Sarwent’ isn’t very popular but it can be potentially harmful as it can activate remote desktop protocol on the victim’s device, security researchers from Talos Intelligence said in a blog post. If Sarwent is installed then hackers can gain remote access to the device and infiltrate any kind of data from it.

Hackers put in quite a lot of effort in replicating Amnesty International’s website but the giveaway is that the original site has a white background but the fake one has a transparent background. Talos found that this site has a full-page promotion of the anti-virus software called “AVPegasus”. Hackers offer a demo version of the “Amnesty Pegasus” software that users can download. The design of the anti-virus software also looks very legitimate and can easily fool one into thinking that it’s real. There’s a “Pegasus Scan” tool that scans and looks out for spyware, and other options like system junk, malware removal, maintenance and optimisation.

Talos found that the campaign for this malware is widespread but has a low-volume in comparison to other large-scale campaigns. The countries affected include the US, the UK, Russia, India, Ukraine, Czech Republic, Romania and Colombia but there haven’t been any malicious advertisements or phishing campaigns to promote the malware. The security firm is also not certain whether this is just the work of a financially motivated hacker or something bigger with a government possibly involved.

SEE ALSO:

Advertisement

How Google is using AI to improve search, videos and more with a focus on visuals
Realme Narzo 50A review: Camera upgrades, rest remains the same
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article