The human rights organization Amnesty International has developed a utility that allows you to identify this malware. It is called MVT (Mobile Verification Toolkit), and its source code is available on GitHub.The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS.
The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if information from his device could be compromised and transferred to third parties.This utility, in particular, scans data transfer logs – it is there that infection indicators can most likely be found (information about sending calls history, SMS, IM messages, and other things to a remote server). On iOS, these logs are stored longer than on Android, so it is much easier to detect the Pegasus spyware on the iPhone. Given the complexity of using the Mobile Verification Toolkit, this utility should only be recommended for tech-savvy users or those who suspect Pegasus is tracking them.
Information security experts believe that this spyware is used for targeted surveillance. It infects not random devices but only smartphones belonging to specific people whose activities are of interest to those who control this software. Each Pegasus license costs hundreds of thousands of dollars, so surveillance is mainly carried out on those with valuable information (for example, politicians, business leaders or journalists of major publications).
Although the Pegasus case has become very popular in the news recently, hundreds of other spy apps continue to run silently and spy on their victims. Many programs operate in a gray area posing as parental control or other legitimate applications. Be careful, practice good digital hygiene, and stay safe.