A new mobile security tool launched by iVerify in May has detected seven infections of the infamous Pegasus spyware in its first 2,500 scans, marking a significant advancement in public access to spyware detection.
About the Tool
The tool, called Mobile Threat Hunting, combines malware signature detection, heuristics, and machine learning to identify spyware on both iOS and Android devices. While primarily offered to paying customers, a simplified version is available through the iVerify Basics app for a nominal fee, allowing users to perform monthly scans by generating diagnostic files for analysis.
Key Findings
Though the detection of seven infections may seem modest, the results underscore the broader reach of spyware like Pegasus. These findings suggest that the use of commercial spyware is more widespread than previously believed, especially within a self-selecting group of users concerned about their digital security.
Rocky Cole, iVerify’s Chief Operating Officer and a former NSA analyst, revealed that Pegasus targets extend beyond the expected groups of journalists and activists, including business leaders, commercial enterprise operators, and government officials. This challenges earlier assumptions about the spyware’s victim profile.
How It Works
iVerify’s tool scans for typical signs of spyware infections, such as:
- Diagnostic data anomalies
- Crash logs
- Abnormal shutdown logs
These techniques have been pivotal in identifying Pegasus compromises, even on devices belonging to high-profile individuals, including political activists and campaign officials. Despite ongoing challenges in refining detection tools and minimizing false positives, the tool has already demonstrated its effectiveness.
The Growing Threat
The success of iVerify’s tool highlights the evolving threat of commercial spyware and its impact on mobile device security. Once thought to be relatively safe, devices like iPhones and Android smartphones are increasingly recognized as vulnerable targets.
Industry Response
The NSO Group, developer of Pegasus, defends the tool’s use by vetted intelligence and law enforcement agencies allied with the U.S. and Israel. Gil Lainer, an NSO spokesperson, reiterated that its spyware is sold exclusively to authorized government clients for legitimate purposes.
Implications
The launch and success of iVerify’s tool reflect a shift in how mobile security is addressed, offering individuals a user-friendly way to detect sophisticated threats. As spyware becomes more prevalent, tools like these are essential for safeguarding privacy and raising awareness about the vulnerabilities of mobile devices.
