Pegasus Malware - How to Check Your Own Phone for it
Last week news broke out that the Pegasus mobile spyware, developed by Israel-based NSO Group for the specific needs of intelligence and law enforcement agencies, has been used on thousands of devices across the world.
Pegasus is consummate mobile spyware - it gives the operator virtually unlimited access to the device and allows for listening in on conversations, access media on the device as well as intercept and access any text correspondence. Even if you have a robust security suite on your device, that won't help much, because Pegasus malware is built to exploit zero-day vulnerabilities that are undocumented, unpatched and generally unknown to both security app makers and the people developing the operating system on your phone, according to a Forbes report on the subject.
Due to the concerns raised by the information that some 50 thousand people across the globe had Pegasus malware on their phones, Amnesty International developed a toolkit that allows users to check for the presence of Pegasus on their devices.
The application is called Mobile Verification Toolkit, or just MVT. Sadly, while the source code is publicly available in a GitHub repository, there are no pre-compiled versions available there and users cannot simply download the app file and deploy it on their device.
If you want to compile the MVT for your own device, you will need to do this on a computer running either Linux or macOS, Forbes reports.
The MVT grabs a copy of all the data stored on the mobile device, examines it in the computer environment, then reports on possible presence of Pegasus malware.
The toolkit attempts to find irregularities in the device data transfer logs. If any text messages, e-mails or call logs were exfiltrated to an external server, this is where possible traces could be found.
Sadly, the fact that the MVT requires considerable knowledge of working with source code and compiling it under specific operating systems and environments, but this is currently the most reliable way to check a device for Pegasus.
The good news is that Pegasus malware is not widely used and is still primarily focused on narrowly targeted surveillance, which means the general population will be well out of the scope of interest for any party operating the spyware.