Pegasus Spyware: so dangerous that it should be banned? OTW explains...

Pegasus is used around the world to hack people's phones. It's extremely dangerous and can be used to control a phone remotely without the user knowing that is running.
Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: brilliant.org/DavidBombal
// Mr Robot Playlist //
ua-cam.com/play/PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q.html
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: ua-cam.com/users/davidbombal
// Occupy The Web social //
Twitter: twitter.com/three_cube
// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw
// Occupy The Web books //
Linux Basics for Hackers: amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh
Top Hacking Books you need to read: ua-cam.com/video/trPJaCGBbKU/v-deo.html
// Other books //
The Linux Command Line: amzn.to/3ihGP3j
How Linux Works: amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: amzn.to/3dDUZN8
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Intro
00:22 - Brilliant Add
01:59 - OTW Books
03:54 - Pegasus overview
06:54 - Pegasus info
07:40 - Pegasus in use
08:56 - Human rights
09:25 - 0 Day malware
13:33 - Original Pegasus 1 click exploit
14:30 - How it works
16:52 - Remote access
17:48 - Malware links
19:30 - Femtocell
21:01 - Stingray
22:10 - How they work
23:50 - Pegasus 0 click exploit
24:55 - Pegasus malware
25:29 - Human rights
26:51 - ISO/Android vs malware
27:40 - Governments
29:19 - What can we do?
30:35 - Be responsible
32:01 - Governments and malware
32:51 - NSO
35:14 - Privacy
36:03 - Command and control
37:36 - Processes
38:38 - NSO developers
38:53 - Expectations
40:30 - Social engineering
43:04 Eternal blue
44:25 Chrysaor
45:23 Outro thoughts
pegasus
spyware
hacking
hacker
malware
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.

Privacy is one of the most fundamental human rights

When these two get together, it ALWAYS seems to end too soon....just can't get enough. Thanks guys!

When a government commissions anything for use, their justification is always "it will be used against our enemies" but invariably it will always be turned inwards against it's own people.

As a Retired combat Marine I want to tell you that as what you are doing is just as important as any warrior on the battlefield. You are waging warfare against cheater on the digital battlefield. You are defending and protecting the most vulnerable of our society against these predators and cheaters. Keep up the good work Team *Topphase Resolution* ..

Thinking that the government or corporations care, and are not one and the same, is foolish. There is no privacy period. Thanks for both of your work.

The problem is not Pegasus, it is phone makers that don’t let you install a proper firewall and a proper app locker.

Many thanks to you two David & OTW, your collaboration is always top-notch.👌 Keep up the good work. 🙏🙏

Thank you, both of you for addressing this issue and educating us

Thanks for the upload! I know most of the stuff discussed, but it was interesting to be able to confirm my understanding was correct. I hope such videos get more attention and people stop clicking on links outside a sandbox, at the very least!

We need to stop treating phones as secure devices. The mindset has to change. I don't keep any sensitive data on my phone, my cameras have tapes on them etc.

You and Occupy the web are a great combo for sure. Well done

Dear David and OTW, you guys together are amazing! Hope this collaboration will continue for a long time, because I’m looking forward to any new video you guys work on! Great job!

John McAfee once said, "Computer Security is an Oxymoron."

Top content David....Love the videos you collaborate with OTW.

Both your content and OTW content are addictive-especially helpful to gain value when you’re hooked, though 🙌🏽

Getting a search warrant to surveil a subject should not include the use of a Stingray! All the phones in the area will connect to it. LEOs don't have a search warrant for everyone in the transceiver area!

That was an awesome interview Dave.
My best wishes to Neal, stay positive, fast 2 days at least a week exercise a lot , green diet , less sugar and red meat, a lot of water .
Win your life back don’t give up and you will a champion in Golf as you are In Cybersecurity.
All the best.

Dear Mr. Bomball and Mr. OccupyTheWeb,
Thank you for educating us on these issues. I would like to kindly please you to teach us how we can technically detect such spywares on our phones? What lessons or tutorials should we learn in order to find out whether our phones are being spied? Please help us learning that great area of cyber security.

I think bringing awareness to things like this is the first step to implementing policies to help protect privacy rights for people

That would be great a technical demostration of Eternal blue ! we will wait for the session David,

I am so happy to have found your channel. #1 favorite content! Thanks so much!

Thanks a lot David, awesome content as usual. I would love to see you interviewing Ryan Montgomery!

Hi.Thanks for very in-depth video. If I have installed a distro such as arch linux on your phone, then access still be gained to your phone?

What an enthralling captivating discussion! Thank you David! I look forward to hearing more! 👍👏

Fantastically informative, thank you for the awesome content.

Thank you !!😊 It helped me learn about the danger lurking around me.

This is real content!!! Thanks David and OTW sharing all your knowledge.

Hey David
first im learning from you and your videos for years and I'm fascinating by social engineer
you have any recommendation on specific place that i can learn more about this skill and upgrade my self bit more?

Legendary thanks David. From south Australia at work chatting about u Chanel interesting hey many people watching u Chanel

Always love to listen to otw and David!!

Thank you, David, for another brilliant video! I always feel just a little bit smarter, much more hungry and inspired to learn more. OTW's classes are top notch! You are the best! Cheers!!

Another great video David. OTW is correct you do have the best YT channel for cyber

Welcome back Master OTW
Thnkz both of u ...

thank you for bringing back OTW

we all love our great teacher, doing a great job and educating about digital era and talking about privacy that is core thing for human society .

Mann your community, the majority of IT community, David B, OTW, and etc all dropping diamond and gems!! Letting us know how to win!! We need more people like y’all mann!! God bless y’all!! We appreciate you David and OTW!!!

Always assume your devices are already compromised.

Wow , really interesting topic!!! Thank you

As always thank you both so much for the content!! Amazing as always! Happy Father's day yall and all other fathers out there!

What's crazy is there are probably 10 or more that we don't know about. Great video David.

It's alarming to think about the misuse of tools like Pegasus spyware, especially when it comes to infringing on individual privacy and human rights. I'd say "unbelievable", but sadly... Its not.

Looking forward to Occupy the web talking On the AIGC era we are living in & how it impacts different Cybersecurity Fields

thx David for such a good material and thank for the OccupyTheWeb sharing such a good info

Back in the DOS days, PC Tools, did a program byte count of the code in a software product. If the scanner found a different number of code bytes, say less or more, than the original known ( size ) of the code including key, count, it would send up the red flag. Think about thar for a second. One way to detect key loggers is get your hard drive used information motion, type 100 words on notepad, the delete it, re read hard drive bytes used,if it's the same count after you erased it, that's good, but if now you drive says it's more than the count you first logged, say about the amount you typed in, I would suspect a keylogger installed. Keep a watchful eye on disk storage usage. It's a pain, but.

Thanks David Bombal, just one quick request. Next time you interview OTW, can you ask about the release date of 'cyberwarrior handbook'?, because I already have read all his other books.

Thank you for the guest. Amazing video.

there should be a rule that all email client applications are required to run in a sandbox regardless of how thoroughly annoying this is.

Guys great show, more info then I can wrap my head around. Will be listening more.

Thanks for the video. I have known about this technology for a while and even had a tech demonstrate it on one of our instructors phone.
Question...if you ditch that smartphone and get a different handset is Pegasus transfered to the new one. Or would that agency have to target the new handset and infect it?
Thankyou!!

Great video many many thanks @David

Thanks for the info

Eye opener content .keep rocking ....

What we need are some huge Class-Action lawsuits against Apple and Google to give them an incentive to make more secure phones.... They will not respond to public pressure, they will only respond to financial pressure.

my mind is never invurniable to the knowledge you guys have...

Great segment! Just curious, is there a tool/app that I can install on either my laptop (connected to my mobile device via USB) or on my mobile that will reveal spyware that has been installed on my mobile device? I take it that something like Pegasus isn't detectable through consumer based anti-virus software. Thank you to you both.

Thank you so much for the great content and this was one of the best

Thanks David your teach us new things for everytime

One of the best OTW videos. Thanks.

Great episode!
Thx

Lol,Love how he's right,He said there's really no way to scan for any of these because when hackers catch wind that you're on to them they jump ship.

You guys together are best ❤❤❤, amazing video ❤❤❤

This couldnt have been timed before! Pegasus was my blindspot.

would it be possible to investigate malware and resend it to the originator by working on the device in a faraday cage and send it when you remove the device from the cage?

Thank you for the video. I am new in hacking and interested in learning. How can i become a student of the facilitator/join his class?? Thanks

Loving these occupy the web videos David!!!!!

Another great episode by OTW 🎉

Always a treat. Thank you so much

hay could you do a practical example of how to set up a subnet. I looked up a few tutorials but they all only explain the theory and how tlit works with IP but no practical examples of how to set it up on routers

In passing I'd really like you to touch up on LOIC(Low Orbit Iron Cannon) and the evolution of DOS/DDOSes.

Everytime you release one of these videos w/ OTW, I get the urge to change my career into cyber security. Thank you for continuing these conversations.

For those not familiar with EquationGroup, that is (in large) the NSA.

The Term (ZERODAY) hence the name (ODAY) meaning that you have "ZERO TIME" to respond to the attack.

100%, one of the best traits one can have working in a technician role is to have the ability to explain seemingly complex concepts in simple terms that executives can understand. * know your audience.

I'd love to see a video on hacking and AI and how crazy things might or could get in the future while we still have the training wheels on for AI? The last part of the video really made me think hmmmm AI hacking big problem?!

I agree with OTW, David Bombal is probably the best UA-cam channel I have come across when it comes to updated information about security, when it comes to other stuff, in my opinion, I prefer John Hammond as my 2nd source for education, and Null Byte as my 3rd

Why isn't it stopped by firewalls or detected by router software?

Said this on Twitter it needs a repeat,Thank you for the birthday courses.

Regards Pegasus if its sending messages back to servers would this traffic not end up detected by BOT activity security? I wounder if Zscaler et al could detect this malicious communication from the device to identify it as compromised?

Fascinating! Can't wait for y'all to cover eternalblue

Is Pegasus II covered in this? Video is in my queue to watch at some point.

Cant get enough of your content gents. More please! You're the perfect combination... IMHO

These types of laundry rooms are standard if you rent your flat. If you own your flat you usually have the washy things inside your flat.

I like that guy just waiting that class in October by what channel

How do i enroll in your courses remotelly or purchase these books as a beginner

How effective is Pegasus malware on linux phones,I know they are not many linux phones but will have the same effect like on apple and android phones?

You know he's serious with that squeaky chair 😅 good watch 👍

This is more exciting and interesting than Netflix! ,

I remember many many years ago, I had to learn how to hack/crack so that I could properly protect clients, I did PEN testing for companies often.

Hello @David
Network Basics for Hackers is not yet available in India yet😢

So if they are using a stingray and someone is outside using their mobile, does that mean they can fake their location/falsify their location to make it look like you are somewhere else, like if someone mysteriously vanishes?

love the book why has it taken so long to share this type of info l would have done this decades ago keep up the good work

Keep it going David !👍

I had it, or something similar, used on my phone back in 2019. My ex's baby daddy was involved in the Cartel in Cbus, Ohio. About 8 months before he got busted, I noticed my phone, my hirls phone, and her sons phone was acting strangly and possibly hacked. I informed her ex of this while dropping her son off one day. Then, all of the sudden. I had several cars following me and my phone was torally acting weird! I was being followed by some group. I think it was the FBI because they busted the Columbus Police Cartel Unit for being crooked about 8 months after her ex was arrested by the Cartel Unit 😮 So, im a believer and i know what they did to me was illegal because i wasnt involved in anything criminal. This needs to stop because it was incredibly frightening!! Good Show guys!

One of those pegasus devs now sells secure phones with Eric Prince (blackwater fame, interview is on the Shawn Ryan show)

Thanks David.

Thanks David, love this content

I am educated every time I open your channel. Thank you, David and OTW. Excellent presentation as always when you and OTW are grouping up fantastic knowledge.

New to the channel. The convos have been very insightful. Much thanksnto your guests for coming on and sharing their knowledge and experiences in the cyber world.
I was wondering, have you every talked with the author of "This Is How They Tell Me The World End",
​NICOLE PERLROTH. I just finished her book. Her breakdown of the cat and mouse for the cyber exploit market is jaw dropping. There were somethings I was aware but she connected the names and marked the timeline for how the market started and has developed over the year.
Would be a interesting guess even though she not a actual hacker.

Uh-Oh! I was so engrossed in the conversation that I nearly committed a thoughtcrime.
(And I'm at home surrounded by my telescreens!)