Back in 2019, Israel-based NSO group’s Pegasus spyware had come into public attention when reports suggested that several journalists and activists were intimated by WhatsApp about their phones being compromised by spyware.
The highly sophisticated surveillance software is again at the centre of a major controversy after global reports have revealed how it was used to spy on journalists, ministers and businessmen. The tool is reportedly capable of complete data extraction from a victim’s phone, including calls and texts.
However, researchers at Amnesty International have developed a device that lets you see if your phone has been targeted by spyware.
Developed by the name of Mobile Verification Toolkit (MVT), this tool helps the user to identify whether his phone has been hacked by Pegasus spyware or not. It works with both Android and iOS devices, although Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones.
How to check if your phone is infected with Pegasus Spyware?
To install the toolkit, users need to first install a Python Package which is available on the MVT (Mobile Verification Toolkit) website. You’ll also find instructions on installation on the website.
MVT requires at least Python 3.6 to run on the system. MacOS users need to have Xcode and Homebrew installed as well. If you want to view forensic traces on an Android device, you’ll also need to install certain dependencies.
Users have to back up their data to allow MVT to decrypt all files stored locally on their phones to see the Pegasus proofs. However, in the case of a jailbroken iPhone, a full file system dump can also be used for analysis.
Once a backup is created, MVT uses indicators such as domain names and binaries to look for Pegasus related traces of NSO. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy…Read more>>