Update of this article published last July with the addition of a procedure allowing any user to simply and officially check with Apple whether their iPhone has been infected or not by Pegasus. See details on this at the end of the article.
The Pegasus project is making the headlines in tech news right now. And for good reason: it is the most important surveillance and cyberattack case since Edward Snowden's revelations on the actions of the NSA in 2013.
A few days after the first pieces of information were disseminated by Forbidden Stories, we know a little more about the modus operandi of Pegasus, the software used to hack tens of thousands of mobile terminals of senior politicians, lawyers and journalists around the world in recent months. You should also know that, although Pegasus gets onto an iPhone or an Android smartphone completely silently and invisibly, there is now a way to know if you have been a victim of the winged unicorn software, as described below in the article.
How does Pegasus spy software work?
So far, experts agree that the only way for Pegasus to penetrate a machine is via a text message or phone call. Then, the software benefits from so-called “zero-click” operation. This means that it becomes effective on the target machine without the user having to perform any action. Note that Pegasus can also infect an iPhone in the classic way, after the user opens a specific link.
On iOS, the flaw used by the spyware would be inherent to iMessage and still present under iOS 14.6.
(1) @AmnestyTech saw an iOS 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. We at @citizenlab also saw 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. All this indicates that NSO Group can break into the latest iPhones.
— Bill Marczak (@billmarczak) July 18, 2021
Once Pegasus is deployed on the desired smartphone, it gives the client full access, even bypassing the encryption solutions of Signal, WhatsApp or even Telegram. In fact, all phone activity can be monitored. This ranges from photo and video content to passwords, including messages, emails, internet browsing, GPS position, etc. It's like a third party is looking over your shoulder at your phone, without you noticing.
To date, Apple does not appear to have sent an update that renders Pegasus ineffective. Neither in iOS 14.7, nor even in iOS 15. But the Californian's security engineers must currently be on a war footing to try to plug the breach and offer a corrective update as quickly as possible. Apple's reputation for the security of its iPhones is at stake, whatever the company says on the non-critical nature of the fault.
How do I know if my iPhone has been targeted by Pegasus?
There is a somewhat technical method, at the time of publication of this article, to tell whether or not your iPhone has hosted the Pegasus spyware. You must use the Mobile Verification Toolkit (or MVT), available here on GitHub, which can notably be installed on macOS via the terminal. The tool is then run from the command line to check an entire backup of the iPhone, made on the Mac via cable connection. Once the backup has been analyzed, the MVT can tell if the iPhone was infected by Pegasus or not. The scan tool also works for an Android smartphone.
You will find more information about handling verification via MVT on the TechCrunch website. It is not very complex, but requires a basic command of the command terminal and an understanding of English.
To date, this is the only possible manipulation to prove that your device was indeed targeted by Pegasus.
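The backup check described above can be scripted as follows. This is an added example, not code from the original article or from the MVT project: it assumes MVT is installed with pip3, and the paths, the ENCRYPTED variable and the function names are hypothetical placeholders.

```shell
#!/bin/sh
# Added example: check an iPhone backup with MVT and summarise the outcome.
# Assumes MVT is installed (pip3 install mvt). All paths are placeholders and
# the function names are hypothetical helpers, not part of MVT.

# scan_backup BACKUP_DIR WORK_DIR IOC_FILE
# IOC_FILE is a STIX2 indicator file, such as the Pegasus indicators
# published by Amnesty International.
scan_backup() {
    backup="$1"; work="$2"; iocs="$3"
    mkdir -p "$work/results" || return 1
    # An encrypted backup holds more records but must be decrypted first.
    # Without -p, MVT prompts for the password, which keeps it out of the
    # shell history and the process list.
    if [ -n "$ENCRYPTED" ]; then
        mvt-ios decrypt-backup -d "$work/decrypted" "$backup" || return 1
        backup="$work/decrypted"
    fi
    mvt-ios check-backup --iocs "$iocs" --output "$work/results" "$backup"
}

# mvt_verdict RESULTS_DIR
# MVT writes <module>_detected.json for every module whose records matched an
# indicator. Prints "match:N", "no-match" or "no-results".
mvt_verdict() {
    results="$1"
    [ -d "$results" ] || { echo "no-results"; return 0; }
    hits=0
    for f in "$results"/*_detected.json; do
        [ -f "$f" ] || continue      # the glob matched nothing
        hits=$((hits + 1))
        echo "indicator match in: ${f##*/}" >&2
    done
    # A results directory without any JSON file means the scan never completed.
    set -- "$results"/*.json
    [ -f "$1" ] || { echo "no-results"; return 0; }
    # "no-match" only means no known indicator was found in this backup.
    if [ "$hits" -gt 0 ]; then echo "match:$hits"; else echo "no-match"; fi
}
```

Run scan_backup first, then mvt_verdict on the results directory inside the work directory; the names of the matching modules are printed on standard error.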
Updated November 25, 2021
Apple offers a tool to find out if your iOS device has been infected by Pegasus. Here is the procedure to follow to carry out this check:
- Go to the Apple ID site and sign in
- If one of your iOS devices has been infected by Pegasus, the page should display a notification at the top, like this:
(Screenshot of the notification. © MacRumors)
- This notification reminds you that Apple sent you an email and an iMessage on a specific date, alerting you that your iPhone would likely have been targeted for a Pegasus deployment. So you should already be aware at this point, but consulting this page ensures that the warning is real.
Apple specifies that its detection system is not perfect. It can generate false alarms, but also miss devices that have indeed been infected. Regardless, and whether you have been infected or not, the Cupertino company strongly encourages you to update your device to the latest version of iOS. The mobile operating system, in its latest iteration, normally makes activating Pegasus impossible.
The firm also specifies that it is more prudent to protect your Apple devices with Touch ID, Face ID or an alphanumeric code, to turn on two-factor authentication as soon as possible, to use a complex password for your Apple ID account, to install apps only via the App Store, to avoid clicking on links or attachments in emails and messages received from strangers, and to use only unique passwords when creating your various accounts on the internet.
Editor-in-chief for iPhon.fr. Pierre is like Indiana Jones, looking for the lost iOS trick. Also a long-time Mac user, Apple devices hold no secrets for him. Contact: pierre[a]iphon.fr.