Developed under the name of Mobile Verification Toolkit (MVT), this tool helps the user to identify whether his phone has been caught by Pegasus adware or not. It works with both Android and iOS devices Work However, researchers also point out that with more forensic traces available on Apple hardware, it’s easier to break iPhone handsets than Android devices.
Users will need to back up their data to allow MVT to decrypt all files stored locally on their phone to view Pegasus evidence. However, in the case of a jailbroken iPhone, an entire file system dump can also be used for analysis.
At this stage, MVT needs some command line knowledge. However, it may acquire a graphical user interface (GUI) over time. The tool’s code is also open source and is available on GitHub with detailed documentation. Available Is.
Once backed up, MVT uses indicators such as domain names and binary to find traces of NSO’s Pegasus. The tool is also capable of decrypting iOS backups if they are encrypted. MVT requires at least Python 3.6 to run the system. If you’re on a Mac machine, it also needs to have Excode and HomeBrew. If you want to see forensic traces on an Android device, you will also need to set up some dependencies.
Paris-based journalism nonprofit Forbidden Stories, in collaboration with Amnesty International, has shared a list of over 50,000 phone numbers with the New Zealand Outlet Consortium Pegasus Project. Out of the total, journalists were able to locate more than a thousand people in 50 countries who were allegedly targeted by Pegasus adware.
Recently, some political figures, including Rahul Gandhi of the Indian National Congress and political strategist Prashant Kishor, were claimed to have been targeted.