This Spyware Can Harvest Data From Google, Apple, And Microsoft Cloud Accounts

Cloud storage has ushered in a new area of remote maintenance and instant access to data. However, cloud-based users are facing a serious risk of losing their own data since an Israeli company has developed spyware which is able to break into their accounts, as reported by Financial Times.

Named as Pegasus, the software was created to access not only cloud services such as Google Drive and iCloud but also messaging applications like Facebook Messenger. By copying the authentication keys, this software could spread the infection to users' cloud accounts and start downloading their surfing history. Once it takes effect on any device, there’s almost no chance for recovery even when the authentication key isn’t available anymore.

NSO has described Pegasus with excessive pride in order to pitch its potential investors. As extracted from a pitch document that Q-Cyber – the parent company of NSO – prepared for Uganda’s government, this software was advertised with several impressive phrases such as “retrieve the keys that open cloud vaults” and “independently sync-and-extract data”.

iPhones and Android devices are also on the list of Pegasus’s victim-to-be. The report also revealed that the software could affect cloud data of laptop, tablet and phone users even when they’re trying to eliminate Pegasus from devices infected in the first place.

The advertised abilities of Pegasus are so impressive that even tech giants like Google, Facebook and Apple have to take the opportunity to recheck their servers. Though those company claimed that their systems currently remain immune to Pegasus, the possibility that customers’ data would be violated by such spyware should still be seriously addressed.

In opposite to common understandings, NSO still holds the opinion that Pegasus is not a hacking tool. In his interview with Gizmodo, the official spokesman of NSO explained that they neither provide hacking tools nor commercialize the massively collected data under any circumstances. Even so, they didn’t deploy any argument against the belief that Pegasus fails to respect cloud-based users’ privacy.

The truth comes as no surprise that NSO has been recorded with a denouncement of creating illegal and immoral spyware since Pegasus is not their first try. Earlier this year, they are believed to put WhatsApp on puppet strings by hacking its users’ data through just a missed call. Besides, NGO Amnesty International is also filling a lawsuit alleging that this group has manipulated and intimidated Amnesty staff as well as other human rights protectors by keeping them under surveillance. According to Amnesty, it’s unlikely that NSO has paid enough respect to human rights, even though their unethical actions have been reported.