Government

Suspected Pegasus Spyware Infection Found in Singapore, ICA Warns of Fake Visa Application Site

18 - 25 September 2018

Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore.
Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore. In an operation dubbed MERLION, a threat actor is believed to have been operating the spyware in Singapore since December 2016. Pegasus is developed by Israel-based surveillance technology firm NSO Group and has been used in operations targeted at countries with questionable human rights records. Targets are tricked into clicking a specially crafted exploit kit that uses zero-day exploits to download the spyware. Once installed, Pegasus performs surveillance by siphoning personal data and monitoring voice calls and camera and microphone activity.

The Immigration and Checkpoints Authority (ICA) has warned of a fake visa application site (mom-sg-gov[.]ml) that pilfers visitors’ visa reference numbers and travel document numbers. The ICA said that the official ICA website remains unaffected and no user data has been compromised. The public is advised to use only the official website (www[.]ica[.]gov[.]sg) for all ICA matters. 

References:
[1] HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
[2] ICA warns of fake visa application website posing as official site; police report made

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence