How can you verify that your phone has been hacked by the Israeli spyware Pegasus?

Since the publication of the results of an investigation into the most dangerous Israeli spying program, Pegasus, and the disclosure of targeting the phones of heads of state and officials, and tens of thousands of human rights activists and journalists, the question has become: How do I verify that my phone was hacked or not?

Pegasus is considered the most powerful program ever. As soon as it finds its way to your phone, and without you noticing, the phone turns into a monitoring device that works around the clock, so it can copy the messages you send or receive, collect your photos and record your calls, and may secretly photograph you through your phone’s camera, or The microphone activates to record your conversations, and it can also identify where you are, where you’ve been, and the people you’ve met.

The Pegasus hacking or spying program was developed by the Israeli company NSO Group and marketed to the governments of countries around the world, and it has the ability to penetrate billions of phones running iOS or Android operating systems.

Is it possible to check if the phone has been hacked?

In light of the way that Pegasus works, which does not require any interaction from the owner of the phone, it was natural that the question on the minds of thousands of journalists, activists, and officials became: Am I on the list of phone numbers targeted by the Israeli spyware Pegasus?

And the British Middle East Eye published a report entitled “How to verify the presence of spyware on your phone?”, which monitored how a person tried to search for the answer himself, in light of the long list of searchers for it through specialized companies.

Since an investigation led by Amnesty International and the non-profit Forbidden Stories revealed that a data leak had identified 50,000 targeted phone numbers, teams involved in the investigation have been bombarded with requests to look up phone numbers on the list and scan phones.

A few hundred targets have been identified so far; They include French President Emmanuel Macron and Moroccan King Mohammed VI, both of whom were targets of Moroccan security services, according to the investigation.

He is joined by other officials targeted such as Iraqi President Barham Salih and Pakistani Prime Minister Imran Khan, journalists from media outlets around the world, dissidents from Azerbaijan and Hungary, and people close contacts of Jamal Khashoggi, the Saudi dissident journalist who was murdered in his country’s consulate in Istanbul, but NSO It denies these allegations, and Saudi Arabia, Morocco, and the UAE have also denied using the Israeli spy program.

If you think you might be on this list and want to ask Amnesty International and Forbidden Stories to verify your phone number, don’t expect a response anytime soon; Because hundreds of others are doing the same thing.

Can I search for Pegasus on my phone?

The latest version of NSO’s Pegasus spyware is incredibly complex, targeting security holes in your phone’s operating system that even its creators don’t even know to exist.

Meanwhile, some experts believe that the latest versions are only in the phone’s cache; So the clues disappear when the phone is turned off. However, Amnesty Tech has released a toolkit to help people search their phones for evidence of Pegasus.

Apple’s Mobile Phone Verification Toolkit (MVT) can be used on Android and iOS, using a device backup, and looking for any indications that spyware has been sent to your phone.

According to Amnesty Tech, the iPhone spyware is easier to find than the Android operating system, but signs of its presence can be spotted.

The MVT toolkit backs up your entire phone, then quickly scans for indications that AI knows the NSO is using it to compromise targets. This could include the domain names the company uses when sending Pegasus through a message or call, for example.

Do I have to be a specialist to check my phone?

For those who are not used to using toolkits like these, it may take some getting used to. Before using MVT, you’ll need to use an open-source software package, such as Homebrew, to install libusb – the data transfer library – and the Python 3 programming language. The MVT page explains how to do this.

Once launched, the MVT will identify any files that indicate that Pegasus has been spying on your phone, and Amnesty Tech’s director, Rasha Abdel Rahim, cautions that the toolkit is not suitable for beginners, but the team is working to make it easier to use.

Rasha wrote on Twitter: “This tool has been released as a forensic analysis tool for the tech-savvy audience. Using them requires some technical skills, such as understanding the basics of forensic analysis and using command-line tools.”