iPhone hack notification: From Pegasus, Predator to Hermit, check list of dangerous spywares used globally

 On Monday, several members of the Opposition took to social media to share a notification that they received from Apple.  The notification conveyed a message stating, "Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID." 

Opposition party leaders, which included the likes of Shashi Tharoor, Supriya Shrinate, Mahua Moitra, Priyanka Chaturvedi and many others, accused the incumbent BJP government of deploying spyware in order to snoop on them. However, a senior minister within the Modi government also received a similar notification on their mobile device.

A spyware is a type of malicious software that is designed to secretly gather information from a computer or device without the user's knowledge or consent. It can collect various types of data, such as keystrokes, browsing habits, personal information, and more, and then send this data to a remote server or third party. Spyware is often used for unauthorised surveillance or to steal sensitive information.

Apple did, however, in response to these notifications, clarify that it did not attribute the threat notifications to any specific state-sponsored attacker, stating that the latter are "very well-funded and sophisticated, and their attacks evolve over time. Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete." 

But, the debate over deploying spyware, including in India, is not new and several controversies had erupted in the past. 

Back in 2021, for instance, India was embroiled in controversy when reports emerged suggesting that the government had employed Israeli-made Pegasus spyware to execute surveillance of numerous journalists, activists, and politicians, including Rahul Gandhi.

Here is a list of some of the prominent spyware software that is in existence across the world:
 
Pegasus: Developed by Israel’s NSO Group, Pegasus is a highly sophisticated spyware known for its ability to infiltrate smartphones and gather an array of data, from calls and messages to location and emails. Its use has raised serious concerns about human rights violations and misuse.

Chrysaor: Chrysaor is a sophisticated and highly invasive spyware that is known for its association with state-sponsored surveillance. It is believed to be related to the Pegasus spyware and has been linked to the NSO Group. Chrysaor is designed to target and infiltrate Android mobile devices, granting attackers extensive access and control over the compromised device.

Predator: Also known as Predator Pain or Painfully Predator, is a type of malicious software designed to infiltrate and compromise a computer or device for the purpose of spying on the user. This spyware allows the attacker to monitor and collect a wide range of information from the infected system, including keystrokes, passwords, web browsing history, and other sensitive data. Predator Spyware often operates covertly, making it difficult for the victim to detect its presence. Once it infects a system, it can transmit the gathered data to a remote server controlled by the attacker.

Hermit: Hermit is spyware created by the Italian commercial spyware provider RCS Lab, which can be discreetly installed on mobile phones running iOS and Android. The utilisation of this software was brought to public attention by Google's Threat Analysis Group (TAG) in 2022, and had been previously disclosed by the security research group Lookout.

FinFisher: FinFisher, also known as FinSpy, is another powerful spyware suite designed for governmental and law enforcement use. It can infiltrate computers and mobile devices, granting full access to a target's data and communications.

Candid: Candid, formerly known as Verint, is an Israeli cyber intelligence firm known for developing spyware used by various governments. Their software can intercept and analyse communications.

XKeyscore: While not traditional spyware, XKeyscore is a powerful surveillance system. Reportedly, it has been used by the National Security Agency (NSA) to collect and analyse vast amounts of global internet data. It operates on a massive scale, causing significant privacy concerns.

DarkTequila: DarkTequila is a sophisticated banking trojan with a twist. It not only steals financial information but also gathers personal data and login credentials. It spreads through malicious downloads and phishing emails.

Sofacy: Sofacy, also known as APT28 and Fancy Bear is reportedly a state-sponsored Russian hacking group that has been linked to various cyber-espionage campaigns. They employ advanced malware to target political and military entities. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165.

RATs: Remote Access Trojans (RATs) like Poison Ivy and NanoCore give attackers complete control over infected systems. They can capture keystrokes, take screenshots, and access files remotely, making them powerful spy tools.

Stingrays: While not traditional spyware, Stingrays are surveillance devices used by law enforcement to intercept mobile phone traffic. They can mimic cell towers, enabling location tracking and call interception.