A sophisticated attack method where hackers exploit vulnerabilities in software or hardware without requiring any user interaction.

• No User Action Required: Unlike phishing, zero-click exploits do not need the victim to click links, download files, or grant permissions.
• Exploiting Software Vulnerabilities: Hackers use flaws in operating systems, messaging apps, or browsers to inject malware.
• Commonly Targets Mobile Devices: Often used to hack smartphones via messaging apps like WhatsApp, iMessage, or Telegram by sending malicious multimedia messages.
• Spyware Deployment: Zero-click exploits are commonly used to install spyware, such as Pegasus, to monitor and extract sensitive data.
• Difficult to Detect & Prevent: Since there is no user action, traditional security measures like awareness training and cautious clicking do not help. Patching vulnerabilities is the only defense.

Pegasus Spyware Allegations in India

Details:

• Investigations alleged that Pegasus spyware was used on ministers, opposition leaders, journalists, activists, and others in India.
• Pegasus can infiltrate devices without user interaction, accessing messages, calls, and activating cameras or microphones.
• Forensic analyses showed signs of attempted or successful Pegasus infections on several Indian phones.
• The Supreme Court of India appointed a technical committee to investigate these allegations.