26.08.2016 Views

Technical Analysis of Pegasus Spyware


Interception of Calls and Messages

Pegasus has a sophisticated set of audio and messaging intercept libraries that are modular and extensible. The base libraries for audio (libaudio.dylib) and messaging (libimo.dylib) are comprehensive, but there are specialized libraries for each of the key intercept protocols.

The libaudio library registers a number of notification observers that record audio when fired. These observers listen for notification IDs that get posted by various Pegasus modules. In the analyzed sample, this included notifications from the WhatsApp and Viber modules (libwacalls.dylib and libvbcalls.dylib).

[Figure labels: Normal Phone; Pegasus Infected Phone]
