In response to the Pegasus spyware news, Amnesty International has released a toolkit to help people find out if their phone was/is secretly monitored.
Amnesty which is part of the group that helped break the news of journalists and heads of state being targeted by NSO’s government-grade spyware helps fight abuses of human rights worldwide through detailed research and determined campaigning.
The Mobile Verification Toolkit (MVT) works on both iPhones and Android devices, but slightly differently. Amnesty’s researchers noted that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones. The tool will let you take an entire iPhone backup and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email. If you have an encrypted iPhone backup, you can also use the tool to decrypt your backup without having to make a whole new copy.
The now launched tool checks if your phone has been affected by the spyware. Using the tool involves backing up your phone to a separate computer and running a check on that backup. At the moment, the tool works on the command line, so it’s not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal.
In case you’ve been questioning the privacy on your phone since the news broke and are looking for guidance on using Amnesty’s new tool, click here for a detailed guide on how to install and use it.