Recently an investigation has come to light in which acts of espionage committed by many governments around the world were made known to important figures from different sectors through a tool known as Pegasus.
In that sense, Pegasus is a tool developed by an Israeli company named NSO Group and whose commercialization is only directed to clients of a governmental nature. Among the objectives on whom the use of this tool is focused are politicians, journalists, executive directors, public officials and human rights activists.
Through the functions present in Pegasus the person who controls it can have the opportunity to carry out different actions on the affected device without being detected, such as record keystrokes, trace devices, intercept communications, as well as use camera and microphone of different devices to spy on the user.
How is a device intervened with Pegasus?
Although its action is sophisticated, when intervening a Pegasus device it uses a method lacking in complexity. In order to facilitate the covert installation of this software, initially the sending an SMS or an iMessage (in the case of iOS devices) manipulated to target devices.
Within this message is included a link to a website, which when clicked by the user activates the installation of malicious software that is housed in the device incognito. Once the device intervention through Pegasus has been successfully completed, the person responsible for the attack can gain full control of the device’s operating system.
How to check if I have been a victim of Pegasus?
While the 50,000 phone numbers obtained from the Pegasus spy attack could be considered a large number, the truth is that the possibility of an ordinary citizen being part of that list is minimal.
The reason is that the espionage acts carried out with Pegasus, for the most part, were directed at people who hold or exercise an important position within a certain sector.
However, those who wish to check whether or not they were spied on by this tool can do so through the Mobile Verification Toolkit (MVT), a tool provided by International Amnesty with which they can verify if they are part of the list of people spied on through Pegasus. To do this, they must access the GitHub platform through the following link:
Once there, a series of steps will be presented to the person that they must follow to check if their iOS or Android device was intervened by Pegasus. To do this, the page launches a Device vulnerability check test.
In that sense, the MVT is capable of detect the presence of specific software you are having suspicious activity on the device. The tool can also recognize domains used by this type of software and that are part of a support infrastructure that makes their action possible.