Monday, Feb 06, 2023

NSO’s Pegasus spyware: This toolkit can scan Android, iOS devices for possible infection

There is an option to check for Pegasus spyware on your phone with a toolkit developed by researchers at Amnesty International.

pegasus, spyware,Here's how you can check if your device is infected with the Pegasus Spyware tool. (Representational, File)

Pegasus spyware by Israel’s NSO Group is once again in focus after global reports have revealed how it was used to spy on journalists, ministers and businessmen. The tool is reportedly capable of complete data extraction from a victim’s phone, including calls and texts.

According to Amnesty International, which carried out a technical and forensic analysis of many infected phones, they have observed instances of Pegasus infecting devices with a ‘zero-click’ operation, meaning that the victim does not need to interact with the malicious link.

While checking if your phone is infected with the Pegasus spyware isn’t an easy task, it is possible thanks to researchers at Amnesty, who have worked on a toolkit called MVT or Mobile Verification Toolkit. Interestingly, the tool can also check for other malicious apps on the device as well.

How to check if your phone is infected with Pegasus Spyware?

The open-source toolkit is available on Github for anyone curious to have a peek, inspect it and verify its reliability.  The project is available on Github here. In order to successfully run the device checkup, you will need to some understanding of running line code in order to use the tool.

Subscriber Only Stories
In Jharkhand district, block-level clubs help elderly deal with loneliness
Delhi Confidential: PM Modi, top leaders attend Nadda wedding, but QR cod...
Kerala has a drug problem: 300% jump in cases over six years; arrests inc...
Andhra’s Guaranteed Pension Scheme model catches the attention of Centre

The Mobile Verification Toolkit can be found for both iOS and Android devices, but the process is is a complicated one and requires some prior expertise and experience in the area. Also keep in mind that for Android devices running forensics is much harder given the data logs are not always present. On iOS, the logs are stored for a much longer period. This is also the reason why Amnesty was able to find evidence of Pegasus more easily on iPhones.

To install the toolkit, users need to first install a Python Package which is available on the MVT (Mobile Verification Toolkit) website. You’ll also find instructions on installation on the website.

You will also need to take a full backup of your iOS device as well for the tool to analyse. Keep in mind that for MacOS users running MVT needs Xcode and homebrew to be installed.


Also, Amnesty make its clear that while “MVT is capable of extracting and processing various types of very personal records typically found on a mobile phone (such as calls history, SMS and WhatsApp messages, etc.),” the tool is only meant for users who wish to check this out on their own.

It is not meant to “facilitate adversial forensics of non-consenting individuals’ devices,” and using it to “extract and/or analyse data originating from devices used by individuals not consenting to the procedure is explicitly prohibited in the license.” So using the tool to extract data from someone else’s device without their knowledge is a strict no-no. Keep in mind that not Pegasus is not a ‘mass’ surveillance tool yet, given its prohibitive costs. Each license typically costs hundreds of thousands of dollars, and is not meant to target every single user.

First published on: 20-07-2021 at 19:09 IST
Next Story

‘Adults must limit social engagements to reduce Covid-19 risk in kids’

Latest Comment
Post Comment
Read Comments