How To Detect Pegasus Spyware On Android & iPhone

Since yesterday, people have been truly shocked on how governments around the world have been using spyware by the name of Pegasus to keep tabs on vocal critics -- individuals like journalists, activists, politicians etc.

Representational Image: Getty Images

Also Read: What Is Pegasus Spyware: How Does It Hack And Monitor Your Phone?

Developed by Israel’s NSO group, Pegasus is being used by nations like Morocco, UAE, Mexico and several others.

The most recent revelation involving 50,000 phone numbers of potential surveillance targets were discovered by Forbidden Stories and Amnesty International (reported first by the Washington Post and The Guardian).

The spyware has the ability to access all of the data on the individual’s phone -- see what content they download, read their texts despite the messages and platforms being encrypted.

And in case you were wondering if you’re one of the many who are being tracked by their government, Amnesty International has released a tool dubbed the Mobile Verification Toolkit or MVT (highlighted by TechCrunch) that helps you detect just that.

Also Read: Update WhatsApp Now, Or Hackers Will Install Spyware On Your Phone With A Missed Call

The software allows you to create an entire device’s back up and look for any indicators of compromise (or IOC) which are commonly used by NSO to deliver Pegasus.

These include domain names used in NSO infrastructure that one could have received in the form of a text or an email. The tool also allows you to decrypt an encrypted backup on an iPhone without making an entirely new copy.

How to check if your iPhone is infected with Pegasus spyware

Yes, while Apple touts to be secure and everything, Pegasus can breach into the device effortlessly.

In case you wish to look for the spyware on your iOS device, the first thing you need is to get the toolkit ready to scan your device for signs of the aforementioned spyware. For this download Amnesty’s IOCs from this GitHub link.

The toolkit works on the command line so having some coding knowledge could come in handy. You can read the process here to understand the detailed process.

Just run the lines of code and the software should start to look for evidence of compromise. It should take a few minutes to display the results of the scan in a folder.

Also Read: That Israeli Spyware Snooping On Indians? It Probably Originated Closer To Home Than You Think

Getty Images

How to check if your Android phone is infected with Pegasus spyware

The process on Android is similar too, just run the command line as shown here and it should reveal the details in no time.

The process on Android is a bit more complicated, so the way the software works on an Android is a little different. It looks for backups for text messages that have links to the domains used by NSO. The toolkit also looks for malicious APKs or apps that are installed on your device.

You also have the option to scan for malicious applications installed on your device.