Self-scans reveal that Pegasus, an invasive and powerful spyware that can secretly control phones and track owners, might be more widespread than previously thought. It was discovered on the phones of everyday phone users.

From wikiHow: How to Check Your Smartphone for Pegasus Spyware

  • sepi@piefed.social
    link
    fedilink
    English
    arrow-up
    188
    arrow-down
    1
    ·
    13 days ago

    There could be spyware on your phone! Install this shady app to find out if you have the spyware or not!

    I wonder if the shady app in the link is the spyware. This would be a brilliant way of getting on to people’s phones.

  • Irdial@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    92
    arrow-down
    2
    ·
    13 days ago

    Amnesty International provides a FOSS tool to check your mobile backups for traces of the Pegasus Spyware. I’d trust that over a sketchy proprietary app. Link: https://docs.mvt.re/.

    • gcheliotis@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      ·
      13 days ago

      Cool. I had no idea. Still…

      MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. MVT is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance.

      • prettybunnys@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        12 days ago

        It can help you if you think you are BUT especially with iPhones it can only scan your backup, unless you jailbreak the phone and can do a full disk dump.

        As a mobile security expert this is just one of the tools in the kit, but it ought not be used by a “end user” as a verification tool. This does NOT verify you aren’t being tracked, it can only verify that signatures of the malware exist.

      • A_A@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        12 days ago

        Everyone is safe from Pegasus …
        Except cell phone owners (which is most everyone)
        Exception to the exception : people who know about this excellent FOOS tool (and know someone who can use it) - - thanks

  • prettybunnys@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    30
    ·
    12 days ago

    You can use pip to install the tool.

    it’s call mvt

    Your package manager might have it.

    If you’re on a Mac just use brew to install it.

    Don’t use this third party app.

      • IHawkMike@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        13 days ago

        I don’t know the full answer, but Pegasus isn’t one single piece of spyware, but rather a toolkit of many, many zero-day exploits.

        A lot of them (the majority maybe?) are non-persistent meaning that they don’t survive a reboot.

        That said, aside from keeping your phone up to date with security patches and rebooting frequently, I’m not sure there’s much the average person can do if you’re actively being targeted.

          • 9tr6gyp3@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            12 days ago

            You can try factory reset, but more than likely they control the boot process, so you can’t get rid of the malware no matter what you do.

            You might be able to trade it in with your manufacturer. They might be interested in having an infected phone to study.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        12 days ago

        I installed GrapheneOS the moment I got my phone, which should give me a few protections over standard Android.

        Longer term, I intend to get a Linux phone, I’m just waiting for the hardware and software to improve. I already almost entirely avoid the Play store, so making the final switch shouldn’t be that big of a jump.

    • IHawkMike@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      13 days ago

      I’d be careful about completely trusting any AV to give you any certainty that you aren’t infected.

      As I mentioned in another comment, Pegasus is comprised of many different exploits. So just because Bitdefender can detect some older Pegasus variants, doesn’t mean it can detect all of them.

      In fact it’s quite unlikely they can detect the latest variants.

    • AWittyUsername@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      12 days ago

      Cool I bet you sleep with your curtains/blinds open, don’t lock your doors and post your address online right? Who cares about privacy.