Pegasus is used around the world to hack people's phones. It's extremely dangerous and can be used to control a phone remotely without the user knowing that is running. Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: brilliant.org/DavidBombal // Mr Robot Playlist // ruclips.net/p/PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RUclips: ruclips.net/user/davidbombal // Occupy The Web social // Twitter: twitter.com/three_cube // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh Top Hacking Books you need to read: ruclips.net/video/trPJaCGBbKU/видео.html // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY The Car Hacker’s Handbook by Craig Smith: amzn.to/3pBESSM Hacking Connected Cars by Alissa Knight: amzn.to/3dDUZN8 // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Intro 00:22 - Brilliant Add 01:59 - OTW Books 03:54 - Pegasus overview 06:54 - Pegasus info 07:40 - Pegasus in use 08:56 - Human rights 09:25 - 0 Day malware 13:33 - Original Pegasus 1 click exploit 14:30 - How it works 16:52 - Remote access 17:48 - Malware links 19:30 - Femtocell 21:01 - Stingray 22:10 - How they work 23:50 - Pegasus 0 click exploit 24:55 - Pegasus malware 25:29 - Human rights 26:51 - ISO/Android vs malware 27:40 - Governments 29:19 - What can we do? 30:35 - Be responsible 32:01 - Governments and malware 32:51 - NSO 35:14 - Privacy 36:03 - Command and control 37:36 - Processes 38:38 - NSO developers 38:53 - Expectations 40:30 - Social engineering 43:04 Eternal blue 44:25 Chrysaor 45:23 Outro thoughts pegasus spyware hacking hacker malware Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.
It's extremely dangerous but the pegasus issue is largely a media red herring to avoid discussion of 5 eyes (14 eyes) epic global spying. Why western media don't like Pegasus is someone is cutting into their spying grass. Either end spying globally, including downscaling organizations like NSA, GHCQ, and Chinese, Russian and other large counterparts or a natural consequence is other countries will spy on the countries that lament about spying then hypocritically spy. Perhaps Pegasus democratization of spying will be a wake up call for the governments of 14 eyes nations. If foreign governments are tapping their own phones, like they have been doing ot others for decades, then maybe they will see why mass computer surveillance they'be been doing of foreign states is morally wrong. Mind you that's wishful thinking. What's more likely to happen is virtue signalling hypocrisy.
Funny.. see how easy it is to deactivate all google apps and try to go deep in your android with developer settings enabled. Try to disable google.android.gms.persistence So who is spying on you? Who does most governments work closely with?... But why be scared about someone spying on you if you not harming anyone?
When a government commissions anything for use, their justification is always "it will be used against our enemies" but invariably it will always be turned inwards against it's own people.
And yet blanket geo location warrents are done almost every day with out legal ramifications, from the gov.... its by the gov....on the USA...by the USA orders..... 🍿🍿🍿🍿🍿🍿🍿🍿
We need to stop treating phones as secure devices. The mindset has to change. I don't keep any sensitive data on my phone, my cameras have tapes on them etc.
Dear David and OTW, you guys together are amazing! Hope this collaboration will continue for a long time, because I’m looking forward to any new video you guys work on! Great job!
if you degoogle a vivi phone or a sony xperia z3 (deactivate and delete all google services from base android, and install a kali linux nethunter pkg and bye to android, flash the drive first, then you can protect yourself and even respond with an exploit
Mann your community, the majority of IT community, David B, OTW, and etc all dropping diamond and gems!! Letting us know how to win!! We need more people like y’all mann!! God bless y’all!! We appreciate you David and OTW!!!
That was an awesome interview Dave. My best wishes to Neal, stay positive, fast 2 days at least a week exercise a lot , green diet , less sugar and red meat, a lot of water . Win your life back don’t give up and you will a champion in Golf as you are In Cybersecurity. All the best.
Dear Mr. Bomball and Mr. OccupyTheWeb, Thank you for educating us on these issues. I would like to kindly please you to teach us how we can technically detect such spywares on our phones? What lessons or tutorials should we learn in order to find out whether our phones are being spied? Please help us learning that great area of cyber security.
@@davidbombal Agreed, one of the reasons I don't use anything made by Apple. Their code is dog s**t. 100% believe it's harder to pwn an android these days.
@David Bombal I understand, but I disagree with OTW over several things. I would ask specifically what you think makes ios stronger when it has so many issues. Specifically with webkit, unused features in code, poor code review, and also very slow patch times.
Technical details aside, it's easier to make mistakes on an android because your phone allows you to. A lot of iOS security is designed around blocking you from compromising your device. Android doesn't tend to care beyond asking "Are you sure?"
It's alarming to think about the misuse of tools like Pegasus spyware, especially when it comes to infringing on individual privacy and human rights. I'd say "unbelievable", but sadly... Its not.
Back in the DOS days, PC Tools, did a program byte count of the code in a software product. If the scanner found a different number of code bytes, say less or more, than the original known ( size ) of the code including key, count, it would send up the red flag. Think about thar for a second. One way to detect key loggers is get your hard drive used information motion, type 100 words on notepad, the delete it, re read hard drive bytes used,if it's the same count after you erased it, that's good, but if now you drive says it's more than the count you first logged, say about the amount you typed in, I would suspect a keylogger installed. Keep a watchful eye on disk storage usage. It's a pain, but.
Everytime you release one of these videos w/ OTW, I get the urge to change my career into cyber security. Thank you for continuing these conversations.
What we need are some huge Class-Action lawsuits against Apple and Google to give them an incentive to make more secure phones.... They will not respond to public pressure, they will only respond to financial pressure.
Thank you Most is far over my head(" I am learning a few things from your presentation,things I wondered about, some confirmed, and more questions to be fulfilled ("
Thank you, David, for another brilliant video! I always feel just a little bit smarter, much more hungry and inspired to learn more. OTW's classes are top notch! You are the best! Cheers!!
Regards Pegasus if its sending messages back to servers would this traffic not end up detected by BOT activity security? I wounder if Zscaler et al could detect this malicious communication from the device to identify it as compromised?
Getting a search warrant to surveil a subject should not include the use of a Stingray! All the phones in the area will connect to it. LEOs don't have a search warrant for everyone in the transceiver area!
They have stuff way better than stingrays now. They also have CelleBrite. If they get your phone for even a second, they plug it in, and that’s all she wrote.
Indeed but here’s the thing the patriot act that we allowed them to pass gave them all the authority they need without a warrant to listen to us post 9/11 given the name of the bill was a false narrative but whatever we only have ourselves to blame and the attitude of “if your not doing anything wrong you don’t have nothing to hide” what a bunch of morons
Thanks for the upload! I know most of the stuff discussed, but it was interesting to be able to confirm my understanding was correct. I hope such videos get more attention and people stop clicking on links outside a sandbox, at the very least!
indeed, and it’s also good to hear other peoples take on it, even though it align with what one has already understood, it’s nice to hear somebody else explain it from their way of explaining
Super insightful, never knew this type of spyware or stingray! Still my biggest concern is just as Occupy mentioned, big bro sniffing around your web activity, tweaking your feed. Given that there isn't much one should worry if they aren't breaking any laws, the simply thought of it could induce serious paranoia. Lets be real here, if someone can push specific content to your feed is kinda scary man. I get the marketing pov, but i miss the internet from early 2000s. anywho, solid content!!
I agree with OTW, David Bombal is probably the best RUclips channel I have come across when it comes to updated information about security, when it comes to other stuff, in my opinion, I prefer John Hammond as my 2nd source for education, and Null Byte as my 3rd
My iphone has been having these issues. I deleted the email associated with that account and it locked my iphone. This should completely disable messaging but it turns on by itself when I turn I off. Also my voicemail box was set up Andi purposely didn't activate it. I need help but I don't know what to do as the police want proof... But proof they understand apparently. Any advice would be so grateful
I had it, or something similar, used on my phone back in 2019. My ex's baby daddy was involved in the Cartel in Cbus, Ohio. About 8 months before he got busted, I noticed my phone, my hirls phone, and her sons phone was acting strangly and possibly hacked. I informed her ex of this while dropping her son off one day. Then, all of the sudden. I had several cars following me and my phone was torally acting weird! I was being followed by some group. I think it was the FBI because they busted the Columbus Police Cartel Unit for being crooked about 8 months after her ex was arrested by the Cartel Unit 😮 So, im a believer and i know what they did to me was illegal because i wasnt involved in anything criminal. This needs to stop because it was incredibly frightening!! Good Show guys!
It makes no sense to "ban" a spyware. No spyware can do anything, unless there is an exploit it can use to even get on the phone and every exploit is fixable. The problem is never the spyware, the problem is the existence of exploits, which vendors are not aware of or even worse, they are aware of but don't fix them. If you ban Pegasus but don't fix the exploits, then dozens of other spywares will use these exploits and once a spyware can install and run any software it wants on your phone, they are all the same. Pegasus cannot magically do things other spyware would not equally be capable of by just installing more code. If you fix all exploits Pegasus currently uses and they don't find any new ones, then there is no way they can install Pegasus behind your back on your phone, it's that simple. Then only you yourself can do that.
Thanks David Bombal, just one quick request. Next time you interview OTW, can you ask about the release date of 'cyberwarrior handbook'?, because I already have read all his other books.
When I got a device that monitors my data usage (up and down) in the upper right hand corner, bc it is integrated in my custom Rom and I'm not doing anything, then "sb listening to my mic or taking pictures/a video of me" (I got stickers), will result in data usage, which I will notice eventually.
David I luv all your shows specially the ones with occupied the web as yous even taught me how 2 boot kali 2 my lap top im a beginner & use explain things so easy and simple that I can understand so for the beginners that just starting and want 2 learn Dave Bombal you tube Chanel is my Number 1 luv you bro & thank you...🎉😊❤
Hey David first im learning from you and your videos for years and I'm fascinating by social engineer you have any recommendation on specific place that i can learn more about this skill and upgrade my self bit more?
would it be possible to investigate malware and resend it to the originator by working on the device in a faraday cage and send it when you remove the device from the cage?
I am educated every time I open your channel. Thank you, David and OTW. Excellent presentation as always when you and OTW are grouping up fantastic knowledge.
hay could you do a practical example of how to set up a subnet. I looked up a few tutorials but they all only explain the theory and how tlit works with IP but no practical examples of how to set it up on routers
Thanks for the video. I have known about this technology for a while and even had a tech demonstrate it on one of our instructors phone. Question...if you ditch that smartphone and get a different handset is Pegasus transfered to the new one. Or would that agency have to target the new handset and infect it? Thankyou!!
Could we make a software that scans the number of code running in the phone and then if any other code wants to run on the device the software would stop it. like a gate keeper. for pegasus.
I was staying at a hotel one time and overnight the first night, I got an alert that my phone had used 50GB of mobile data. If I recall correctly, I had tried to join a wireless network at the airport that was not successful. Always wondered what the heck it was that happened. I figure either my phone was hacked and they got all my pics including nudes lol. Or the only other possibility is that I fell asleep as I was browsing a web page that had some videos and things playing, and maybe that stupid website was downloading crap ads and videos all night.
Another sleek way thats kind of a no-click , that people can use is Stenography , it's basically a way of embedding malware into certain types of files but mostly Photos like png . Img . ect and it makes it at least less suspicious and more susceptible to being clicked on , but it's also more likely to be blocked or detected by antivirus software , but it's definitely effective if you can send it to someone as a photo of something and essentially opening up the different places you could send it , like through a text message or even in a social networking app or chat
But those don't actually execute easily. You have to run software to extract the executable from the image file. Unless there is a vulnerability in a piece of software that leads to the execution of that, it doesn't help at all
47:40 does that not make it easier to detect? If you catalogue native and known processes then you just kill all unknown or wrongly named ones and job done.
I had a iphone 12 around the time this video came out and i got on my phone and it was in the files and the only file that was there was Pegasus, i tried to factory reset but my phones screen flashed and i was at the startup screen that said my phone was locked due to the passcode being changed...
Thank you David and OTW, for making people aware of this super powerful and irresponsible weapon against the people and our basic rights. This content is super important.
So if they are using a stingray and someone is outside using their mobile, does that mean they can fake their location/falsify their location to make it look like you are somewhere else, like if someone mysteriously vanishes?
The copper lines have been removed, and the phone exchange have been digitised, so there aren't any such rotary phones anymore. You probably have to revert to pencil and paper.
I was really curious and just thought about it today about how is that even legal use 0 days or 0 clicks vuln's against targets because it basically sell black hat service as a legit company.. so i was really confused by that.. (I'm Israeli myself and it was really interesting to understand those things)
![BLACK BAG - Official Trailer [HD] - Only in Theaters March 14](http://i.ytimg.com/vi/Du0Xp8WX_7I/mqdefault.jpg)
Pegasus is used around the world to hack people's phones. It's extremely dangerous and can be used to control a phone remotely without the user knowing that is running.
Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: brilliant.org/DavidBombal
// Mr Robot Playlist //
ruclips.net/p/PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: ruclips.net/user/davidbombal
// Occupy The Web social //
Twitter: twitter.com/three_cube
// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw
// Occupy The Web books //
Linux Basics for Hackers: amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh
Top Hacking Books you need to read: ruclips.net/video/trPJaCGBbKU/видео.html
// Other books //
The Linux Command Line: amzn.to/3ihGP3j
How Linux Works: amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: amzn.to/3dDUZN8
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Intro
00:22 - Brilliant Add
01:59 - OTW Books
03:54 - Pegasus overview
06:54 - Pegasus info
07:40 - Pegasus in use
08:56 - Human rights
09:25 - 0 Day malware
13:33 - Original Pegasus 1 click exploit
14:30 - How it works
16:52 - Remote access
17:48 - Malware links
19:30 - Femtocell
21:01 - Stingray
22:10 - How they work
23:50 - Pegasus 0 click exploit
24:55 - Pegasus malware
25:29 - Human rights
26:51 - ISO/Android vs malware
27:40 - Governments
29:19 - What can we do?
30:35 - Be responsible
32:01 - Governments and malware
32:51 - NSO
35:14 - Privacy
36:03 - Command and control
37:36 - Processes
38:38 - NSO developers
38:53 - Expectations
40:30 - Social engineering
43:04 Eternal blue
44:25 Chrysaor
45:23 Outro thoughts
pegasus
spyware
hacking
hacker
malware
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
It's extremely dangerous but the pegasus issue is largely a media red herring to avoid discussion of 5 eyes (14 eyes) epic global spying. Why western media don't like Pegasus is someone is cutting into their spying grass. Either end spying globally, including downscaling organizations like NSA, GHCQ, and Chinese, Russian and other large counterparts or a natural consequence is other countries will spy on the countries that lament about spying then hypocritically spy.
Perhaps Pegasus democratization of spying will be a wake up call for the governments of 14 eyes nations. If foreign governments are tapping their own phones, like they have been doing ot others for decades, then maybe they will see why mass computer surveillance they'be been doing of foreign states is morally wrong. Mind you that's wishful thinking. What's more likely to happen is virtue signalling hypocrisy.
How do you even find out if your phone is infected by pegasus?
yep good old pegasus among I think there was one other big one. good ol' Mossad :)
Funny.. see how easy it is to deactivate all google apps and try to go deep in your android with developer settings enabled.
Try to disable google.android.gms.persistence
So who is spying on you?
Who does most governments work closely with?...
But why be scared about someone spying on you if you not harming anyone?
What about Palantir? The number one spy tool that the Government's are using today.
This feels like a honeypot 😂
When these two get together, it ALWAYS seems to end too soon....just can't get enough. Thanks guys!
❤❤❤ FROM SOFIA, BULGARIA 🇧🇬
When a government commissions anything for use, their justification is always "it will be used against our enemies" but invariably it will always be turned inwards against it's own people.
The way it seems to generally work is
>design weapon
>use weapon against enemy
>Enemy loses
>"Now i have nobody to use this on"
>Uses it on us
I AGREE ❤ FROM SOFIA, BULGARIA 🇧🇬
Privacy is one of the most fundamental human rights
❤Yes!
(US "Patriot Act" rolling on it like a tank)
privacy is a facade
And yet blanket geo location warrents are done almost every day with out legal ramifications, from the gov.... its by the gov....on the USA...by the USA orders..... 🍿🍿🍿🍿🍿🍿🍿🍿
@@sefzxm6486definitely seems that way
We need to stop treating phones as secure devices. The mindset has to change. I don't keep any sensitive data on my phone, my cameras have tapes on them etc.
What is a "secure device"? I was taught security is merely a state of mind.
Dear David and OTW, you guys together are amazing! Hope this collaboration will continue for a long time, because I’m looking forward to any new video you guys work on! Great job!
It’s always a good time with David and OccupyTheWeb!
if you degoogle a vivi phone or a sony xperia z3 (deactivate and delete all google services from base android, and install a kali linux nethunter pkg and bye to android, flash the drive first, then you can protect yourself and even respond with an exploit
Thank you, both of you for addressing this issue and educating us
You're welcome! OTW has an amazing wealth of knowledge and it's great to have him share it with all of us! 😀
@@davidbombalalways looking forward for your videos 🙏🏻
❤❤❤ FROM SOFIA, BULGARIA 🇧🇬
@@davidbombalTHANKS ❤❤❤ FROM SOFIA, BULGARIA 🇧🇬 ❤️ 💖 ❤
The problem is not Pegasus, it is phone makers that don’t let you install a proper firewall and a proper app locker.
it can also be a problem with pegasus. Anyone can use it if you have the money (a lot of money as its license is around 600k for the base version).
Yes
But you can control your phone with a rooted device and learn about android system
Pegasus attacks the hardware
I believe someone once said "you control the endpoint, you control the network?"
@@RANSOME99 yeah like elliot from mr robot or something, maybe Otw
Thinking that the government or corporations care, and are not one and the same, is foolish. There is no privacy period. Thanks for both of your work.
haha. many people think they do. But as you say, they do not
But they’ll sell it to you 😂😂😂
Mann your community, the majority of IT community, David B, OTW, and etc all dropping diamond and gems!! Letting us know how to win!! We need more people like y’all mann!! God bless y’all!! We appreciate you David and OTW!!!
I think bringing awareness to things like this is the first step to implementing policies to help protect privacy rights for people
You and Occupy the web are a great combo for sure. Well done
OTW is the Best!
That was an awesome interview Dave.
My best wishes to Neal, stay positive, fast 2 days at least a week exercise a lot , green diet , less sugar and red meat, a lot of water .
Win your life back don’t give up and you will a champion in Golf as you are In Cybersecurity.
All the best.
Dear Mr. Bomball and Mr. OccupyTheWeb,
Thank you for educating us on these issues. I would like to kindly please you to teach us how we can technically detect such spywares on our phones? What lessons or tutorials should we learn in order to find out whether our phones are being spied? Please help us learning that great area of cyber security.
thats a great question i would also like the answer to
Yes!!!
wireshark type apps
Many thanks to you two David & OTW, your collaboration is always top-notch.👌 Keep up the good work. 🙏🙏
What's crazy is there are probably 10 or more that we don't know about. Great video David.
That is a worry 😢
@@davidbombal Agreed, one of the reasons I don't use anything made by Apple. Their code is dog s**t. 100% believe it's harder to pwn an android these days.
@@camelotenglishtuition6394 OTW disagrees with you. And I think many other people do too and say that Android is more vulnerable.
@David Bombal I understand, but I disagree with OTW over several things. I would ask specifically what you think makes ios stronger when it has so many issues. Specifically with webkit, unused features in code, poor code review, and also very slow patch times.
Technical details aside, it's easier to make mistakes on an android because your phone allows you to. A lot of iOS security is designed around blocking you from compromising your device. Android doesn't tend to care beyond asking "Are you sure?"
It's alarming to think about the misuse of tools like Pegasus spyware, especially when it comes to infringing on individual privacy and human rights. I'd say "unbelievable", but sadly... Its not.
It was created for misuse
Misuse?
Both your content and OTW content are addictive-especially helpful to gain value when you’re hooked, though 🙌🏽
Thanks a lot David, awesome content as usual. I would love to see you interviewing Ryan Montgomery!
Hopefully soon 😀
I've had 13 years of this abuse. It's brutal. I'm glad you're talking about this.
thank you for bringing back OTW
Back in the DOS days, PC Tools, did a program byte count of the code in a software product. If the scanner found a different number of code bytes, say less or more, than the original known ( size ) of the code including key, count, it would send up the red flag. Think about thar for a second. One way to detect key loggers is get your hard drive used information motion, type 100 words on notepad, the delete it, re read hard drive bytes used,if it's the same count after you erased it, that's good, but if now you drive says it's more than the count you first logged, say about the amount you typed in, I would suspect a keylogger installed. Keep a watchful eye on disk storage usage. It's a pain, but.
Everytime you release one of these videos w/ OTW, I get the urge to change my career into cyber security. Thank you for continuing these conversations.
Same lol😂😂😂
What we need are some huge Class-Action lawsuits against Apple and Google to give them an incentive to make more secure phones.... They will not respond to public pressure, they will only respond to financial pressure.
Google makes some of the most secure phones available given the right care. Its all about hardware.
so what you want them to do? they patch as soon as it is found. They can't test every vulnerability in house.
And Samsung
Thank you
Most is far over my head("
I am learning a few things from your presentation,things I wondered about, some confirmed, and more questions to be fulfilled ("
As always thank you both so much for the content!! Amazing as always! Happy Father's day yall and all other fathers out there!
Same to you! Thank you!
Random country buys Pegasus to track people: OH NO!
Poles: First time?
Thank you so much for the great content and this was one of the best
Thank you! Glad you enjoyed it!
Thank you, David, for another brilliant video! I always feel just a little bit smarter, much more hungry and inspired to learn more. OTW's classes are top notch! You are the best! Cheers!!
Regards Pegasus if its sending messages back to servers would this traffic not end up detected by BOT activity security? I wounder if Zscaler et al could detect this malicious communication from the device to identify it as compromised?
I am so happy to have found your channel. #1 favorite content! Thanks so much!
Thank you so much! 😀
Another great video David. OTW is correct you do have the best YT channel for cyber
How effective is Pegasus malware on linux phones,I know they are not many linux phones but will have the same effect like on apple and android phones?
there should be a rule that all email client applications are required to run in a sandbox regardless of how thoroughly annoying this is.
22:07 or you turn off mobile data while at home to prevent your device from connecting to the strongest signal.
Getting a search warrant to surveil a subject should not include the use of a Stingray! All the phones in the area will connect to it. LEOs don't have a search warrant for everyone in the transceiver area!
@@Andrew-zy7jz Local LEOs can’t get one.
They have stuff way better than stingrays now. They also have CelleBrite. If they get your phone for even a second, they plug it in, and that’s all she wrote.
Indeed but here’s the thing the patriot act that we allowed them to pass gave them all the authority they need without a warrant to listen to us post 9/11 given the name of the bill was a false narrative but whatever we only have ourselves to blame and the attitude of “if your not doing anything wrong you don’t have nothing to hide” what a bunch of morons
Top content David....Love the videos you collaborate with OTW.
Thanks for the upload! I know most of the stuff discussed, but it was interesting to be able to confirm my understanding was correct. I hope such videos get more attention and people stop clicking on links outside a sandbox, at the very least!
indeed, and it’s also good to hear other peoples take on it, even though it align with what one has already understood, it’s nice to hear somebody else explain it from their way of explaining
Welcome back Master OTW
Thnkz both of u ...
This is real content!!! Thanks David and OTW sharing all your knowledge.
Super insightful, never knew this type of spyware or stingray! Still my biggest concern is just as Occupy mentioned, big bro sniffing around your web activity, tweaking your feed. Given that there isn't much one should worry if they aren't breaking any laws, the simply thought of it could induce serious paranoia.
Lets be real here, if someone can push specific content to your feed is kinda scary man. I get the marketing pov, but i miss the internet from early 2000s. anywho, solid content!!
I agree with OTW, David Bombal is probably the best RUclips channel I have come across when it comes to updated information about security, when it comes to other stuff, in my opinion, I prefer John Hammond as my 2nd source for education, and Null Byte as my 3rd
My iphone has been having these issues. I deleted the email associated with that account and it locked my iphone. This should completely disable messaging but it turns on by itself when I turn I off. Also my voicemail box was set up Andi purposely didn't activate it. I need help but I don't know what to do as the police want proof... But proof they understand apparently.
Any advice would be so grateful
I had it, or something similar, used on my phone back in 2019. My ex's baby daddy was involved in the Cartel in Cbus, Ohio. About 8 months before he got busted, I noticed my phone, my hirls phone, and her sons phone was acting strangly and possibly hacked. I informed her ex of this while dropping her son off one day. Then, all of the sudden. I had several cars following me and my phone was torally acting weird! I was being followed by some group. I think it was the FBI because they busted the Columbus Police Cartel Unit for being crooked about 8 months after her ex was arrested by the Cartel Unit 😮 So, im a believer and i know what they did to me was illegal because i wasnt involved in anything criminal. This needs to stop because it was incredibly frightening!! Good Show guys!
Why isn't it stopped by firewalls or detected by router software?
Legendary thanks David. From south Australia at work chatting about u Chanel interesting hey many people watching u Chanel
It makes no sense to "ban" a spyware. No spyware can do anything, unless there is an exploit it can use to even get on the phone and every exploit is fixable. The problem is never the spyware, the problem is the existence of exploits, which vendors are not aware of or even worse, they are aware of but don't fix them. If you ban Pegasus but don't fix the exploits, then dozens of other spywares will use these exploits and once a spyware can install and run any software it wants on your phone, they are all the same. Pegasus cannot magically do things other spyware would not equally be capable of by just installing more code. If you fix all exploits Pegasus currently uses and they don't find any new ones, then there is no way they can install Pegasus behind your back on your phone, it's that simple. Then only you yourself can do that.
we all love our great teacher, doing a great job and educating about digital era and talking about privacy that is core thing for human society .
That would be great a technical demostration of Eternal blue ! we will wait for the session David,
Thanks David Bombal, just one quick request. Next time you interview OTW, can you ask about the release date of 'cyberwarrior handbook'?, because I already have read all his other books.
This couldnt have been timed before! Pegasus was my blindspot.
Always a treat. Thank you so much
Thank you Derrick!
Thank you for the guest. Amazing video.
Loving these occupy the web videos David!!!!!
When I got a device that monitors my data usage (up and down) in the upper right hand corner, bc it is integrated in my custom Rom and I'm not doing anything, then "sb listening to my mic or taking pictures/a video of me" (I got stickers), will result in data usage, which I will notice eventually.
Hi.Thanks for very in-depth video. If I have installed a distro such as arch linux on MY phone, then access still be gained to your phone?
Looking forward to Occupy the web talking On the AIGC era we are living in & how it impacts different Cybersecurity Fields
David I luv all your shows specially the ones with occupied the web as yous even taught me how 2 boot kali 2 my lap top im a beginner & use explain things so easy and simple that I can understand so for the beginners that just starting and want 2 learn Dave Bombal you tube Chanel is my Number 1 luv you bro & thank you...🎉😊❤
Lol,Love how he's right,He said there's really no way to scan for any of these because when hackers catch wind that you're on to them they jump ship.
Hey David
first im learning from you and your videos for years and I'm fascinating by social engineer
you have any recommendation on specific place that i can learn more about this skill and upgrade my self bit more?
would it be possible to investigate malware and resend it to the originator by working on the device in a faraday cage and send it when you remove the device from the cage?
I am educated every time I open your channel. Thank you, David and OTW. Excellent presentation as always when you and OTW are grouping up fantastic knowledge.
Great to hear that Leroy! OTW is amazing 😀
הפרשן שכח להזכיר שבגרסה האחרונה של פגסוס..היה פשוט ניתן להשתלט על הסמרטפון ללא לחיצה על כלום!
Hi.Thanks for very in-depth video. If I have installed a distro such as arch linux on your phone, then access still be gained to your phone?
hay could you do a practical example of how to set up a subnet. I looked up a few tutorials but they all only explain the theory and how tlit works with IP but no practical examples of how to set it up on routers
Could no-click malware piggybacked onto phone updates sent out by a carrier?
I'm pretty sure any apps or system updates can be poisoned. Any executible code...
there are some tools that can find the pegasus inside of mobiles , ( verification mobil tool ) mvt
What digital forensic tool can we use to locate Pegasus on a cell phone?
Good Luck
Look up MVT by the Amnesty International Security Lab. Not guaranteed though
Thanks for the video. I have known about this technology for a while and even had a tech demonstrate it on one of our instructors phone.
Question...if you ditch that smartphone and get a different handset is Pegasus transfered to the new one. Or would that agency have to target the new handset and infect it?
Thankyou!!
Fantastically informative, thank you for the awesome content.
how do I subscribe for the October course pls?
How do I join the classes or become his student? The link in the desc doesn't work
Always love to listen to otw and David!!
Great video many many thanks @David
You're very welcome!
Could we make a software that scans the number of code running in the phone and then if any other code wants to run on the device the software would stop it. like a gate keeper. for pegasus.
For those that can’t get their hands on pegagus, we have STORM BREAKER
You guys together are best ❤❤❤, amazing video ❤❤❤
I was staying at a hotel one time and overnight the first night, I got an alert that my phone had used 50GB of mobile data. If I recall correctly, I had tried to join a wireless network at the airport that was not successful. Always wondered what the heck it was that happened. I figure either my phone was hacked and they got all my pics including nudes lol. Or the only other possibility is that I fell asleep as I was browsing a web page that had some videos and things playing, and maybe that stupid website was downloading crap ads and videos all night.
thx David for such a good material and thank for the OccupyTheWeb sharing such a good info
Cant get enough of your content gents. More please! You're the perfect combination... IMHO
These types of laundry rooms are standard if you rent your flat. If you own your flat you usually have the washy things inside your flat.
Another sleek way thats kind of a no-click , that people can use is Stenography , it's basically a way of embedding malware into certain types of files but mostly Photos like png . Img . ect and it makes it at least less suspicious and more susceptible to being clicked on , but it's also more likely to be blocked or detected by antivirus software , but it's definitely effective if you can send it to someone as a photo of something and essentially opening up the different places you could send it , like through a text message or even in a social networking app or chat
It's worth mentioning that privacy and open source groups actively reject AVs. It may turn out being effective against them :(.
you're talking about "steGAnography".
Stenography is a way of fast typing
@@adrianalexandrov7730 thanks , yeah the auto correct fucked me up
But those don't actually execute easily. You have to run software to extract the executable from the image file. Unless there is a vulnerability in a piece of software that leads to the execution of that, it doesn't help at all
@@therealb888lmfao li
If you buy a new iPhone 15 or 16 later this year and migrate from your old 13/14 does an exploit migrate also to the new iPhone?
47:40 does that not make it easier to detect? If you catalogue native and known processes then you just kill all unknown or wrongly named ones and job done.
Uh-Oh! I was so engrossed in the conversation that I nearly committed a thoughtcrime.
(And I'm at home surrounded by my telescreens!)
I had a iphone 12 around the time this video came out and i got on my phone and it was in the files and the only file that was there was Pegasus, i tried to factory reset but my phones screen flashed and i was at the startup screen that said my phone was locked due to the passcode being changed...
Guys great show, more info then I can wrap my head around. Will be listening more.
Thank you David and OTW, for making people aware of this super powerful and irresponsible weapon against the people and our basic rights. This content is super important.
So if they are using a stingray and someone is outside using their mobile, does that mean they can fake their location/falsify their location to make it look like you are somewhere else, like if someone mysteriously vanishes?
That's an interesting question
They dont need a "stingray" or femptocell like they talk about in the video. I can do that with a piece of hardware like a hackRF very easy
For those not familiar with EquationGroup, that is (in large) the NSA.
Thank you David i waiting this video 😊 many thanks
Hope you enjoyed it!
How do i enroll in your courses remotelly or purchase these books as a beginner
I'm reverting back to rotary dial phones
The copper lines have been removed, and the phone exchange have been digitised, so there aren't any such rotary phones anymore. You probably have to revert to pencil and paper.
One of the best OTW videos. Thanks.
my mind is never invurniable to the knowledge you guys have...
I was really curious and just thought about it today about how is that even legal use 0 days or 0 clicks vuln's against targets because it basically sell black hat service as a legit company.. so i was really confused by that.. (I'm Israeli myself and it was really interesting to understand those things)
I did not realize sting rays were still legal for law enforcement to use!
Said this on Twitter it needs a repeat,Thank you for the birthday courses.
I think, pagasus can't be used on non-android button phones. Keep multiple phones with different sim cards.
Thank you for the video. I am new in hacking and interested in learning. How can i become a student of the facilitator/join his class?? Thanks
Wow , really interesting topic!!! Thank you
And malware too😂😂😂