How Pegasus spyware infects a device; what data may be compromised

Project Pegasus: The Israeli spyware, revealed to have been used to target hundreds of phones in India, has grown less reliant on clicks. Pegasus can infect a device without the target’s engagement or knowledge.
In November 2019, a tech reporter from New York City photographed an interception device displayed at Milipol, a trade show on homeland security in Paris. The exhibitor, NSO Group, placed the hardware at the back of a van, perhaps to suggest how portable it is, and said it would not work on US phone numbers, possibly due to a self-imposed restriction by the firm.
That was probably the first time since the Israeli cyber giant was founded in 2010 that an NSO-made portable Base Transceiver Station (BTS) was featured in a media report.
A BTS used this way, also known as a ‘rogue cell tower’, ‘IMSI Catcher’ or ‘stingray’, impersonates legitimate cellular towers and forces mobile phones within its radius to connect to it, so that an attacker can manipulate the intercepted traffic. The BTS photographed in 2019 was composed of horizontally stacked cards, likely to allow interception over multiple frequency bands.
The other option is to leverage access to the target’s mobile operator itself. In that scenario, an attacker would not need any rogue cell tower but would rely on the regular network infrastructure for manipulation.
