The iOS file transfer and management tool iMazing was updated with the ability to detect Pegasus spyware on your iPhone and iPad, potentially boosting your privacy should you ever find yourself targeted by a totalitarian government or law enforcement agency.
- Pegasus can infect phones without any action on users’ part
- Pegasus is sold to governments by Israeli’s NSO Group
- iMazing for macOS and Windows can now detect Pegasus
- Amnesty International offers a similar tool for Pegasus detection
iMazing can now detect Pegasus spyware on iPhone and iPad
Amnesty International recently released a free Pegasus-detection tool, dubbed Mobile Verification Toolkit. A new Pegasus-detection feature in iMazing 2.14, dubbed Spyware Detector, is based on Amnesty’s own open-source tool.
The refreshed iMazing software is available to download from the iMazing website. Whereas Amnesty’s tool requires advanced technical skills, iMazing’s couldn’t be easier to use.
Simply connect your iPhone or iPad to a macOS or Windows PC with an active internet connection, then fire up iMazing and choose the Spyware Detector feature to get started. “Our hope is that by lowering the technical barrier of entry, we may raise awareness and facilitate early detection of future threats,” iMazing tells me via email.
Although iMazing shows a trial screen when used without a license, simply hit “Continue Trial” to use the spyware detection feature (there’s no time limitation to the trial).
For further information, read a post on the iMazing blog.
How Pegasus bypasses Apple’s protections
NSO, an Israeli spyware company group, says its surveillance tool Pegasus can extract data from iPhone and Android devices without a victim being aware of an attack. All it takes, apparently, is a malformed message delivered silently to your device (without a notification or even a sound or visible banner) to inject rogue code and take over your phone.
Naturally, NSO Group has not disclosed how Pegasus manages to accomplish this. According to security experts, Pegasus probably takes advantage of zero-day exploits in the iOS parsing libraries that iMessage uses to resolve incoming attachments. On top of that, Pegasus can also extract data from cloud services such as Google Drive or iCloud via infected iPhones.
Should I worry about Pegasus?
A government agency could be expected to pay anywhere north of $1 million for the license to use Pegasus. On top of that, a license can be revoked at a moment’s notice in case of abuse (so says NSO Group). Due to the high cost associated with tracking individuals with Pegasus, this phone malware/spyware is typically used against only high-profile targets.
If you’re not a renowned journalist tasked with the discovery of shocking corruption and bribery occurring at the highest levels of the government, or a rights activist who speaks up on totalitarian regimes, then you don’t need to worry about Pegasus at all.