Pegasus It is the sophisticated spy software that became popular in Spain when The mobile phones of the president and several ministers of Pedro Sánchez's Government were infectedbetween 2020 and 2021. The tool, developed by the Israeli company NSO in 2011, it can be installed on a device without the victim having to take any action, it is almost undetectable and allows full control by the attacker.
The case of the Spanish Government and the headlines it continues to generate today have made it the best-known spyware and the only one that most people could name. This popularity is now being exploited in a new sextortion campaign. of which the National Cybersecurity Institute.
He INCIBE gives a medium importance -3 out of 5- to this scam in which victims are contacted through an email. This presents subjects such as 'I want to inform you about a very bad situation for you', 'Your payment is pending', 'Waiting for payment' or 'xxxxxxxxxxxxxxx(at)xxxxxxx.xxx(.)xx' and aims to extort the victim by making them believe that their device has been infected with Pegasus. In this way, the attacker He would have obtained intimate recordings of the victim, whom he threatened to spread among all his contacts.unless you make a payment in the Bitcoin cryptocurrency.
To give greater credibility to the scam, in the field of the email sender the sending is simulated from the victim's same accountas if it were a self-sent email, which may lead you to conclude that your device has indeed been infected, even if this is not true.
In one of the examples of this extortion published by INCIBE, the victim is told: 'A few months ago I installed it (Pegasus) on all your devices because you were not very careful when clicking on links on the Internet', which has been monitoring his life since then and has 'recorded many videos of you masturbating watching very controversial porn videos'. In exchange for not sending the alleged videos to the victim's contacts, the scammer asks for $1,490 that the victim must deposit in the Bitcoin wallet provided in the email.
In a second example, there is no reference to Pegasus, but rather talk about a spyware that the scammer himself would have developed and? has been able to bypass the antivirus or any protection on the victim's computer because 'use your own drivers', which is an explanation that makes no head or tail. But these types of scams play what they play. They send massive shipments and, if a small percentage bites, they take it there. In this case, a lower quantity is requested, 750 dollarsin exchange for not disseminating the non-existent intimate videos of the victim.
INCIBE has verified that the account provided for the deposit of Bitcoin It is a digital wallet without funds and has been reported as fraud on one occasion.
If you receive this message and have not fallen into the trap, you must delete it. But if a payment has been made to the scammers, then you have to gather all the evidence—emails, screenshots—and report the scam to the State Security Forces and Bodies.