A few weeks ago, a massive spying campaign surfaced, targeting several high-profile people, celebrities and nation heads. Called Pegasus, the devastating tool was developed by the Israeli company NSO Group. Its clients have subsequently used it to spy on targets. Tap or click here for details.
Most of the victims, which included at least 37 journalists, royal family members and activists, used iPhones for daily activities. Leveraging on this, cybercriminals deployed a zero-clicks campaign through Apple’s iMessage system.
But fears are spreading that it wasn’t only high-profile people who were targeted. There is a good chance that everyday citizens got caught in the net. Fortunately, a new tool is available to scan your device to check for this spyware.
Here’s the backstory
Created by independent software developer DigiDNA, the Pegasus Spyware Detection tool is built into the latest version of its iMazing software. It is only capable of scanning iOS devices like iPhone or iPad for now.
The tool is completely free to use, and the team stressed that you do not need to purchase a license or register an account. The only time that would be necessary is if you want to continue using the tool beyond the free trial period.
The software scans your iOS device for indications of spyware. The analysis and backup of files are kept locally on your machine. The company explained that “strictly none of your personal data is uploaded to our servers.”
By correlating information on your device against the known database of Pegasus files, the software looks for known malicious links, email addresses, process names and file names. These are put together by the security community in STIX format.
How to use the free tool
You must download the latest version of iMazing (currently 2.14 or above) onto a PC or Mac computer for the tool to work.
Once it’s downloaded, launch iMazing on your computer and connect your iPhone or iPad via USB. Then follow the steps below:
- Unlock your device and enter your passcode to establish pairing with the computer.
- In the Actions panel, scroll down and click Detect Spyware. In this setup, you can select the Indicators of Compromise. It’s best to leave it on Download STIX files. For the analysis report, select the output method.
- Follow the information like Backup Options and configuration steps carefully. After going through the Disclaimer, click Start Analysis.
- Once complete, read the analysis report and refer to the documentation for help.
If your iOS device is clean and no traces of Pegasus could be found, a notice will display “No signs of Infection detected.” If a positive detection has been found, it will tell you critical matches, warnings or info logs that are present.
The analysis report will have details on the scan, and iMazing would also like to look. If it is on your phone, send the report to the iMazing team. They will check it for a false positive and get back to you with any actions you need to take.