Pegasus spyware is no longer limited to high-profile targets: it has been detected on ordinary users’ phones

Pegasus is one of the most advanced and dangerous spyware in the world. Can be installed on devices Android and iOS without users having to do anything. Once the system has been compromised, the operators of this software typically have access to text messages, emails, camera, microphone, phone calls, and location.

Over the years Pegasus has been used against high-profile targets, such as politicians, activists and journalists. In 2022, for example, the Government reported that President Pedro Sánchez’s mobile phone had been infected with Pegasus. Now, iVerify’s latest findings suggest that the software is being used much more widely.

Pegasus, detected in several mobile phones

iVerify launched a Pegasus mobile verification tool in May. Users can perform a completely private analysis or share their results with the company. Of the 2,500 who chose this last path, seven had their phone infected. While this may seem like a small number, it evidences that Pegaus is more widespread than previously believed.

How 9to5Mac collectsiVerify COO and former CIA analyst Rocky Cole noted that Pegasus now “looks much more like the typical attack profile of a typical malware or run-of-the-mill APT group than the usual narrative that the software “spy is used exclusively against activists,” and that he was surprised to find such a broad spectrum.

The cybersecurity firm’s findings contrast with public statements by NSO Group, the Israeli firm that develops Pegasus, which assures that its program is used exclusively by intelligence agencies and law enforcement allied with the United States and Israel. Furthermore, it is extremely expensive spyware. Using it can cost more than half a million dollars.

iVerify had to overcome several challenges to create its detection app. The first of them appeared on iOS. The iPhone, remember, prevents access to the system kernel. For this reason, iVerify used various machine learning-based solutions to boost detection. The second challenge had to do with the very nature of the software to hide itself.

To date, several solutions have been developed to detect and prevent the presence of Pegasus. Options like Mobile Verification Toolkit (MVT) require connecting the device to a computer and advanced knowledge by users. iVerify Basic, available on iOS and Androidpromises to make the entire process much easier.

The application costs $0.99 and can be used to perform one free scan per month. Those who want real-time analysis can pay for a subscription. Is iVerify Basic secure? Everything seems to indicate yes, and it comes from a cybersecurity company, but it will be the users who will have to evaluate whether it is a good idea to install it on their devices.

Images | Xataka with Bing Image Creator

In Xataka | Apple launches a “lockdown” mode to protect the iPhone from Pegasus attacks

In Xataka | A hacker in Lithuania and four days of delay: why the AEPD has fined Telefónica 1.3 million