A newly launched app enables users to regularly check their iPhones for Pegasus spyware, which can infiltrate nearly all data on a device, for a one-time fee of just one dollar.
This app, developed by a mobile security firm, allows scans of both iPhone and Android devices, with the results sent back to the company for analysis. So far, seven instances of spyware infection have been identified.
Understanding NSO’s Pegasus Spyware
The NSO Group is the creator of Pegasus, a spyware tool that exploits ‘zero-day’ vulnerabilities acquired from hackers— flaws unknown to Apple. Its software is capable of executing zero-click exploits, meaning no interaction from the target user is necessary.
Reports indicate that simply receiving a specific iMessage can compromise an iPhone, exposing personal information without any need for the user to open or interact with it.
NSO exclusively sells Pegasus to governmental clients, including regimes notorious for their human rights violations, targeting political adversaries and other individuals.
Victims Extend Beyond Obvious Targets
While Apple actively seeks to identify compromised devices and notify their owners, Wired reveals that there is now an opportunity for users to proactively examine their own devices.
On Tuesday, iVerify, a mobile device security firm, disclosed findings from a spyware detection feature launched in May. Among 2,500 device scans voluntarily submitted for analysis, seven cases revealed infections of the notorious NSO Group malware known as Pegasus.
The company’s “Mobile Threat Hunting” feature employs a mix of malware signature detection, heuristic analysis, and machine learning to identify irregularities in activity on iOS and Android devices, as well as key signs of spyware infection.
Pegasus spyware most frequently targets individuals such as political activists, journalists, lawyers, and CEOs. However, iVerify reported that the seven identified victims encompassed a much broader demographic than anticipated.
“What’s particularly interesting is that the targeted individuals included not only journalists and activists but also business leaders and those in governmental roles,” said Rocky Cole, COO of iVerify and former NSA analyst. “This suggests a targeting pattern that resembles that of your typical malware or advanced persistent threat group, rather than supporting the narrative that mercenary spyware exclusively targets activists. While that is certainly true, the diversity of targets was unexpected.”
Scanning Your iPhone for Pegasus Spyware
iVerify primarily markets a subscription service aimed at enterprises and organizations, providing continual scanning of devices. However, it also offers individual smartphone users the ability to perform monthly scans.
The company also provides a complimentary version of the feature to anyone who downloads the iVerify Basics app for $1. Users can follow steps to create and send a specialized diagnostic utility file for analysis within hours. Free accounts can utilize this tool once a month.
You can download the app here.
Image: DMN collage featuring images from iVerify and PxHere
: We use income-earning auto affiliate links. More.
