Wednesday September 22, 2021

How to check if your smartphone is infected with spyware

July 27, 2021

ISLAMABAD: A few days ago, it became known that the malicious utility called Pegasus, created by the Israeli company NSO Group for law enforcement agencies and intelligence services, is widely used to spy on residents of different countries secretly.

According to information security specialists, at least 50 thousand devices have been infected around the world. This number does not seem remarkably high, but Pegasus is very dangerous - it allows you to take full control of the smartphone, secretly read correspondence, wiretap phone conversations, view photos and videos.

Popular antiviruses cannot detect Pegasus since this malware exploits zero-day vulnerabilities that are unknown to the developers of operating systems and antivirus applications. The human rights organization Amnesty International has developed a utility that allows you to identify this malware. It is called MVT (Mobile Verification Toolkit), and its source code is available on GitHub, reported by international media.

The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS. The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if information from his device could be compromised and transferred to third parties.

This utility, in particular, scans data transfer logs - it is there that infection indicators can most likely be found (information about sending calls history, SMS, IM messages, and other things to a remote server). On iOS, these logs are stored longer than on Android, so it is much easier to detect the Pegasus spyware on the iPhone. Given the complexity of using the Mobile Verification Toolkit, this utility should only be recommended for tech-savvy users or those who suspect Pegasus is tracking them.

Information security experts believe that this spyware is used for targeted surveillance. It infects not random devices but only smartphones belonging to specific people whose activities are of interest to those who control this software. Each Pegasus license costs hundreds of thousands of dollars, so surveillance is mainly carried out on those with valuable information (for example, politicians, business leaders or journalists of major publications).

Although the Pegasus case has become very popular in the news recently, hundreds of other spy apps continue to run silently and spy on their victims. Many programmes operate in a gray area posing as parental control or other legitimate applications. Be careful, practice good digital hygiene, and stay safe.