According to Citizen Lab Zambia is among the suspected countries infected with Spyware Pegasus. Countries like the United States Of America, UK, United Arab Emirates, and Israel are confirmed with the malware been very active.
Pegasus is a Spyware that is installable on a device like iOS that is Apple’s mobile operating system. It was developed by Israeli cyberarms firm called NSO and it is used by a designated operator to obtain information about the affected device and interconnection.
An operator called MULUNGUSHI was identified in Zambia from February 2018 and is been operational to present gathering data and information. Such as Contact details, device settings, screenshots and browsing history.
This maybe government-sanctioned spying as the Pegasus spyware works on that level.
To monitor a target, a government operator of Pegasus must convince the target to click on a specially crafted exploit link, which, when clicked, delivers a chain of zero-day exploits to penetrate security features on the phone and installs Pegasus without the user’s knowledge or permission. The report says
How Pegasus Works
Pegasus is capable of reading text messages, tracking calls, collecting passwords, tracing the location of the phone, and gathering information from apps.
It’s also able to record both voice and video calls, calendar list and can retrieve files from the phone.
Further, the Citizen Lab finding states
Once the phone is exploited and Pegasus is installed, it begins contacting the operator’s command and control (C&C) servers to receive and execute operators’ commands, and send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps.
The operator can even turn on the phone’s camera and microphone to capture activity in the phone’s vicinity.
The Pegasus Spyware Zambian Operator MULUNGUSHI seems to affect the MTN Network with an ASN name 36962. A Citizen Lab DNS cache hits were recorded on that ASN.
Spyware operation maybe politically targeted or may be used for legitimate law enforcement purposes. But in Zambia, such law enforcement does not exist as yet and Pegasus present as the first spyware in Zambia sanctioned with use of foreign power.