The Pegasus spyware incident has sparked much discussion about the depth of the prospect of being tracked no matter who you are or what you do. While the Israeli ONS Pegasus tool is not at all new and knowledge about it has been around for a long time, it is perhaps the most public acceptance of a person’s vulnerability to targeted digital surveillance. With much paranoia, Amnesty International, the organization that has helped publications around the world speak out against the use of Pegasus to track down powerful individuals, including politicians and journalists, has released a Mobile Verification Tool (MVT).
The MVT in question is designed to help you find indications that you have been violated by Pegasus, by looking for key identifiers that can point to the compromise. However, the verification process is not as basic or straightforward as downloading software from a site and running a scan on your device. While all the details are noted in great detail, it is important to note that the Amnesty MVT tool only works at the command line. Therefore, inherently, it is only suitable for advanced users who have previous experience of working from the command line. Alternatively, any user can use the tool, but it would require following the instructions very closely and showing a lot of patience.
How to check for Pegasus violation on iOS
Amnesty’s MVT for Pegasus reveals early on that it works best for iOS devices and isn’t fully effective for Android. Since the security aspect on iPhones came to the fore in light of the Pegasus breach, here’s how you can go about verifying the breach:
- Take an encrypted backup of your iPhone to your Mac or Windows PC. Once the backup is complete, then you will need to find the exact folder where the backup is stored.
- To learn how to perform an encrypted backup, check out Apple’s guide here. To learn how to locate the backup, check out Apple’s post here.
- The next step is to determine your PC’s operating system. If you are using a Mac, install Xcode and Python3. Instructions are given here.
- Windows users will need to install a Linux distribution with their Windows configuration and boot into Linux. Then follow the Linux instructions given here.
- You will then need to install the libimobiledevice utilities, which will be essential for examining the contents of your phone. Click here for instructions.
- It is after this that you can finally run the mvt-ios tool on the backup, which you will need to decrypt first. The decryption process (to be done first) and the mvt-ios inspection are detailed here. Follow the steps and instructions exactly as they come.
- Once the test is run, the command line will ask for a compromised file flag, which will analyze your extracted save records to see if you have also been targeted by Pegasus. Click here to download the file, and once downloaded add the details of where you stored the file on your PC for the program to read. It is always convenient to store such things on the desktop.
- Once the tool is run, you will then be able to see a list of warnings that may indicate suspicious behavior that you have not done. Check the recordings and you will only have reason to worry if you can conclusively see the recorded actions that you never did.
How to check Pegasus on Android
The Android forensic check performed by Amnesty MVT is not as clear or in-depth as iOS, and the process differs as well. Here’s how to do it:
- Connect your phone to a PC and allow access to the file system for the PC on your phone
- You will need to enable developer options by repeatedly tapping your phone’s build number found in the About your phone settings section.
- Once enabled, go to developer options and enable USB debugging
- You can then activate the mvt-android tool, which will download APK files from your phone to analyze them for any violations. Click here for the whole process
Thanks for reading until the end of this article. For more informative and exclusive technological content, visit our Facebook page