Reading your texts? Check.
Harvest your photos? Check.
24-hour surveillance? Check.
Pegasus does all this — and more. Developed by Israel’s NSO, Pegasus is the most powerful spyware ever made. Its initial versions used spear phishing — which tricks users into clicking on links for access — to enter your phone (and life). But the Pegasus of today is more lethal by orders of magnitude.
It exploits zero-day vulnerabilities (flaws manufacturers are aware of but don’t have fixes for) to penetrate devices. In fact, Pegasus sent WhatsApp calls to target devices and installed its malicious code. Even Apple — privacy’s standard-setter — fell prey when backdoors in its iMessage service swung open to Pegasus’ deviousness.
The Way Forward
As organizations and individuals worldwide are still reeling from these revelations, the discussion around app security has hit a more stringent note. The conversation is rife with talks of best practices and overhauls of software architecture. As champions of building high security apps ever since we kicked off base, we are more passionate than ever to restart the dialogue around app security. In this article, our team will run you through the best practices one can follow to improve app security.
But First, The App Security Checklist
Although this is not comprehensive by any means, this quick and broad checklist helps you land on your feet when developing your app: