Self-scans reveal that Pegasus, an invasive and powerful spyware that can secretly control phones and track owners, might be more widespread than previously thought. It was discovered on the phones of everyday phone users.
From wikiHow: How to Check Your Smartphone for Pegasus Spyware
How do I know this isn’t an attempt to install spyware on my phone?
I don’t think I saw it mentioned but if you’re already running/subbed to bitdefender av then you can install that on phone to detect it.
Download a random app an execute it blindly? No thanks.
I fully understand, but not knowing about Pegasus malware is pretty weird. It’s state actor spyware made by Israel (with worldwide governmental funding).
If you’ve been around tech circles for any length of time, sure, but your average person probably hasn’t heard of it.
I’ve doublechecked this, and you are indeed correct. The news is still reported on, but Pegasus is not always mentioned by name and if it is it’s mostly a single mention in a little passage.
Damn, I oughtta give my phone a check
Let’s say there are signs of it being infected. What can you do next?
Buy/replace your phone
How do you keep that one from reinfecting?
You can try factory reset, but more than likely they control the boot process, so you can’t get rid of the malware no matter what you do.
You might be able to trade it in with your manufacturer. They might be interested in having an infected phone to study.
Reinstall rom
There could be spyware on your phone! Install this shady app to find out if you have the spyware or not!
I wonder if the shady app in the link is the spyware. This would be a brilliant way of getting on to people’s phones.
Yeah, I’ll just assume that my GrapheneOS install is safe, the checker probably wouldn’t work anyway…
I haven’t checked, does GrapheneOS do reproducible/deterministic builds so that you could verify that the published release matches your image? The boot attestation should not be able to be circumvented, if you trust Google hardware to do what it says on the tin.
Thanks, interesting. I have used boot attestation but not yet Auditor. Hope to have some quality time reading up on the documentation in the coming three weeks.
I’m considering running my own build farm for updates, so maybe I’ll write up a post about it if I get to it.
Yeah, I see what you mean and on top of that you would need to pay for it.
That’s why I added in the description a link with instructions on the free tool designed by Amnesty International’s Security Lab.
My thoughts exactly… If there’s a FOSS tool to check, then we’d be talking.
Lol I almost linked you to your own comment
What do you mean??? WikiHow is a collection of only the most reliable tutorials and information. Now be good and install the shady app.
Amnesty International provides a FOSS tool to check your mobile backups for traces of the Pegasus Spyware. I’d trust that over a sketchy proprietary app. Link: https://docs.mvt.re/.
Hey, that’s the mexican goverment’s favorite to spy on activists and journalists :D
You can use pip to install the tool.
it’s call mvt
Your package manager might have it.
If you’re on a Mac just use brew to install it.
Don’t use this third party app.
