Contact Contact Us

Suspected Pegasus Spyware Infection Found in Singapore, ICA Warns of Fake Visa Application Site

Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore. In an operation dubbed MERLION, a threat actor is believed to have been operating the spyware in Singapore since December 2016. Pegasus is developed by Israel-based surveillance technology firm NSO Group and has been used in operations targeted at countries with questionable human rights records. Targets are tricked into clicking a specially crafted exploit kit that uses zero-day exploits to download the spyware. Once installed, Pegasus performs surveillance by siphoning personal data and monitoring voice calls and camera and microphone activity.

The Immigration and Checkpoints Authority (ICA) has warned of a fake visa application site (mom-sg-gov[.]ml) that pilfers visitors’ visa reference numbers and travel document numbers. The ICA said that the official ICA website remains unaffected and no user data has been compromised. The public is advised to use only the official website (www[.]ica[.]gov[.]sg) for all ICA matters.

[1] HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
[2] ICA warns of fake visa application website posing as official site; police report made

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883