This toolkit will tell you if your phone is infected by the Pegasus spyware

This toolkit will tell you if your phone is infected by the Pegasus spyware
The NSO Group is the maker of the Pegasus spywareNSO Group
  • Phones of hundreds of people across the world have been found to be infected by the Pegasus spyware.
  • The spyware is developed by the Israeli firm NSO Group and it can remotely track and perform complete data extraction without leaving any traces.
  • Researchers at Amnesty International have developed a toolkit to check if your phone is infected by the Pegasus spyware.
Israeli firm NSO Group’s flagship software, Pegasus, is in the news yet again – this time, for being used to spy on businessmen, politicians, journalists, and in some cases, even prime ministers.

According to a joint investigation by Forbidden Stories, a French non-profit organisation, and Amnesty International, phones of more than 1,000 people were infected by the Pegasus spyware, spread across 50 countries.

The list of those affected include prime ministers, security and military personnel and diplomats – in most cases, high-profile people were the ones being targeted.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More
Forbidden Stories received a leaked list of 50,000 phone numbers – this also includes potential targets. A review of dozens of phones confirmed the presence of the Pegasus spyware. While we have confirmation of over 1,000 people, so far, it is likely that there are several more users who have been infected but don’t know yet.

Now, you can find out if your phone is infected by the Pegasus spyware using a free and open source toolkit.


How to find out if your phone is infected by the Pegasus spyware?

Researchers at Amnesty have worked to create a toolkit to find out if your phone is infected by the Pegasus spyware. The toolkit is open source and has been published on Github, allowing everyone to inspect the source code and verify if it is reliable.

The Mobile Verification Toolkit can be used for both iOS as well as Android devices. It uses a command-line interface, so it may not seem very user friendly at first, but detailed documentation has been published with usage instructions.

The toolkit requires installation of Python dependencies – these are available on the MVT website along with instructions.

The toolkit analyses your iPhone’s backup copy to look for traces of the Pegasus spyware. On Android phones, it analyses the Android app installation files (usually called APK), or an Android backup to look for suspicious SMS.

The toolkit uses VirusTotal and Koodous to run checks on the APKs it extracts during the process.

What does the Pegasus spyware do?

According to the software’s description on the NSO Group’s website, the Pegasus spyware is capable of complete data extraction from the victim’s phone.

What makes this software worse is that it can be used for remote and stealth monitoring, without the victim even realizing that they are being watched.

The NSO Group’s website notes that the spyware can extract data remotely via untraceable commands.

The Pegasus spyware could essentially make it unnecessary to have physical access to a device to spy on victims.

For instance, iPhones, which are usually touted for being secure, reportedly have a gaping security issue in iMessage that allows remote access and duplication of data.


Apple's iPhone has a 'major blinking red five-alarm-fire problem with iMessage security,' according to a cybersecurity researcher

Jeff Bezos’ intimate messages, data from drug cartels, Jamal Kashoggi — the many things Pegasus is suspected of hacking instead of terrorists and criminals

Microsoft, Google and other top tech firms join hands to help WhatsApp against NSO's Pegasus spyware