Israeli NSO group Pegasus spyware is back in the spotlight after global reports revealed how it was used to spy on journalists, ministers and businessmen. The device is reported to have the ability to completely extract data from the victim’s phone, including calls and texts.
According to Amnesty International, which has conducted technical and forensic analysis of a number of infected phones, they have observed cases where Pegasus devices have been infected with a ‘zero-click’ operation, which means that the victim does not need to be exposed to malicious links.
Checking your phone for Pegasus spyware is not an easy task, thanks to researchers at Amnesty International who worked with the MVT or Mobile Verification Toolkit. Note that the device can also scan for other malicious applications on the device.
Curiosity has an open-source toolkit available to take a look at, test, and verify its reliability. The project is available at GitHub here. To run Device Test successfully, you need to have some understanding of running line code to use the device.
The mobile verification toolkit for iOS and Android devices can be found, but the process is complicated and requires some prior expertise and experience in the area. Also keep in mind that forensics is very difficult for Android devices as data logs are not always available. On iOS, logs are stored longer. This is one of the reasons why Amnesty International has so easily found evidence of Pegasus on iPhones.