Developed by the name of Mobile Verification Toolkit (MVT), this tool helps the user to identify whether his phone has been captured by Pegasus spyware or not. It works with both Android and iOS devices work However, researchers have also pointed out that it is easier to spot a breach on an iPhone handset than an Android device, due to more forensic traces available on Apple hardware.
Users have to back up their data to allow MVT to decrypt all files stored locally on their phones to see the Pegasus proofs. However, in the case of a jailbroken iPhone, a full filesystem dump can also be used for analysis.
In its current stage, MVT requires some command line knowledge. However, it may acquire a graphical user interface (GUI) over time. The tool’s code is also open source and on GitHub with detailed documentation. available is.
Once a backup is created, MVT uses indicators such as domain names and binaries to look for Pegasus related traces of NSO. The tool is also capable of decrypting iOS backups if they are encrypted. MVT requires at least Python 3.6 to run on the system. If you’re on a Mac machine, it needs to have Xcode and Homebrew installed as well. If you want to view forensic traces on an Android device, you’ll also need to install certain dependencies.
Paris-based journalism non-profit Forbidden Stories, in collaboration with Amnesty International, has shared a list of more than 50,000 phone numbers with news outlet Consortium Pegasus Project. Out of the total number, journalists were able to find over a thousand individuals in 50 countries who were allegedly targeted by Pegasus spyware.
Recently some political figures including Indian National Congress’s Rahul Gandhi and political strategist Prashant Kishor were also claimed to be targets.