How to Check if Your iPhone Has Been Infected with Pegasus Spyware

BY Sanuj Bhatia

Published 20 Jul 2021

Pegasus spyware has been making headlines for the past few days. The tool developed by Israeli private company NSO has been accused of collecting the personal data of thousands of journalists, human rights activists, and politicians. Though highly unlikely, Amnesty International has developed a tool that lets you check if your iPhone has been infected with the Pegasus spyware.

According to the reports that came out yesterday, Pegasus spyware made it inside the victims’ iPhones by the iMessage zero-click exploit, which was thought to be fixed. After these allegations, Apple’s head of security Ivan Krstić said that the exploit isn’t a threat “to the most.”

Though it is highly unlikely that the Pegasus spyware is installed on your iPhone, Amnesty International has developed a tool that lets you check your iPhone for the spyware.

The toolkit, known as Mobile Verification Toolkit, isn’t a piece of software that you can install on your iPhone and check for spyware. It works via the command-line tool on your laptop and requires your iPhone to be connected via the cable. TechCrunch was able to get the toolkit working on their iPhone (via the command-line tool).

“MVT will let you take an entire iPhone backup (or a full system dump if you jailbreak your phone) and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy.”

The toolkit works by checking the backup file of your iPhone. It feeds Amnesty’s IOCs into the iPhone backup file and checks if there are any traces of the spyware in it. Moreover, if your iPhone is jailbroken, you can dump the full filesystem onto the tool and it will provide better (and accurate) results.

There has been some misreporting about the toolkit. The tool is said to be working better on iPhone, which has led many people to think that iPhones are more vulnerable to the spyware as compared to the Android phones. However, this isn’t the case. The truth is that Amnesty focused its efforts on iPhones, and since iPhones provide a better (and secure) system as compared to Android, the toolkit makes it easier to detect when a phone has been compromised.

The toolkit works on Android as well, but it might not provide 100% accurate results.

[Via TechCrunch]

Want to know more about Apple Products?

We launch new articles subscribe and get updated. MAX 1 email a week. No spam, ever.

Researcher Claims Apple Will Have to ‘Re-Write iMessage Codebase’ to Combat Pegasus Spyware

Sanuj Bhatia

Apple Says iMessage Zero-Click Exploit Used in Pegasus Hack Is ‘Not a Threat’ to Most

Sanuj Bhatia

Report: Pegasus Spyware Hack Based on Zero-Click iOS 14.6 iMessage Exploit Sold to Governments Worldwide

Sanuj Bhatia

Security Researcher ‘Feels Robbed’ After Apple Refuses to Pay Bug Bounty

Mahit Huilgol

IPAD PRO 2

Oct 30, 2016

11 Must Have Apps for Apple Pencil and iPad Pro Users

Khamosh Pathak

iPad Pro is a beast of a machine. Yes, it runs iOS but don’t let that fool you. iOS has many ways to be productive and for doing creative work. Granted, it’s different

MACOS

Jun 13, 2016

‘Apple File System’ Is the Company’s New File System for watchOS, iOS, tvOS, and macOS

Rajesh Pandey

It has long been rumored that Apple is working on a new file system to replace the archaic HFS+ file system that macOS currently uses. The company was expected to announce a new file system

APPLE NEWS

Mar 16, 2015

‘Apple Global Volunteer Program’ will let employees sign up to help local communities

Evan Selleck

Apple is no stranger to donating large sums of money to a cause, or to even help diversification within the tech industry. But now it's aiming to donate some individual human hours as well,