A newly launched app enables users to routinely check their iPhones for Pegasus spyware, which has access to nearly all the data on a device, for a one-time fee of just one dollar.
Developed by a mobile security company, this app allows users to scan both iPhone and Android devices and submit the results for analysis. As of now, it has identified seven devices infected with the spyware…
NSO’s Pegasus Spyware
The NSO Group is known for creating Pegasus spyware. The company acquires “zero-day” vulnerabilities, which are unknown to Apple, from hackers and its software can execute zero-click exploits—ones that don’t require any user interaction from the targeted device.
Reports indicate that merely receiving a particular iMessage—without even opening or interacting with it—can lead to an iPhone being compromised, resulting in the exposure of personal data.
While NSO sells Pegasus exclusively to government entities, its clientele includes nations with questionable human rights records, often targeting political adversaries and others.
Victims Aren’t Just the Obvious Targets
Apple strives to detect compromised iPhones and inform their owners, but Wired reports a proactive scanning method is now attainable for users.
On Tuesday, the mobile security firm iVerify published insights from a spyware detection feature it rolled out in May. Out of 2,500 device scans submitted for review by the company’s customers, seven were found to be infected with the infamous NSO Group malware known as Pegasus.
The company’s “Mobile Threat Hunting” feature utilizes a mix of malware signature detection, heuristics, and machine learning to identify anomalies in both iOS and Android device activity, along with potential indicators of spyware infection.
Common Pegasus targets include political activists, journalists, lawyers, politicians, and CEOs. However, iVerify notes that the seven identified victims encompassed a broader demographic than anticipated.
“What’s intriguing is that the individuals targeted weren’t solely journalists or activists but also business leaders, people running commercial enterprises, and those in government roles,” remarks Rocky Cole, chief operating officer of iVerify and a former analyst at the US National Security Agency. “The targeting profile resembles that of common malware or advanced persistent threat groups rather than the narrative that mercenary spyware is only being used to target activists. It absolutely does target activists, but the diversity in victims was surprising.”
How to Scan Your iPhone for Pegasus Spyware
iVerify primarily markets a subscription service to enterprise clients and other organizations, enabling continuous device scanning. However, it also provides individual smartphone owners the chance to perform monthly scans.
The company additionally features a free version of the functionality for users who download the iVerify Basics app at the cost of $1. These users can follow a series of steps to create and send a special diagnostic utility file to iVerify, receiving feedback within hours. Free users are eligible to use this tool once per month.
You can download the app here.
Image: DMN collage of images from iVerify and PxHere
FTC: We use income-earning auto affiliate links. More.
