this post was submitted on 05 Dec 2024
269 points (96.9% liked)

Technology

60082 readers
4322 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Self-scans reveal that Pegasus, an invasive and powerful spyware that can secretly control phones and track owners, might be more widespread than previously thought. It was discovered on the phones of everyday phone users.

From wikiHow: How to Check Your Smartphone for Pegasus Spyware

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 90 points 2 weeks ago (2 children)

Amnesty International provides a FOSS tool to check your mobile backups for traces of the Pegasus Spyware. I’d trust that over a sketchy proprietary app. Link: https://docs.mvt.re.

[–] gcheliotis 18 points 2 weeks ago (2 children)

Cool. I had no idea. Still…

MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. MVT is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

It can help you if you think you are BUT especially with iPhones it can only scan your backup, unless you jailbreak the phone and can do a full disk dump.

As a mobile security expert this is just one of the tools in the kit, but it ought not be used by a “end user” as a verification tool. This does NOT verify you aren’t being tracked, it can only verify that signatures of the malware exist.

[–] gcheliotis 2 points 2 weeks ago (1 children)

And would signatures of Pegasus exist in the backup?

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Yes. Maybe. Sometimes. Much more likely if you do an encrypted backup and decrypt it with the tool.

Regardless it’s not guaranteed to pick them up.

[–] gcheliotis 1 points 2 weeks ago (1 children)

May give it a try one of these days. But knowing nothing of the reliability of the tool in detecting the malware decreases my motivation to even try I must say.

[–] [email protected] 2 points 2 weeks ago

The warning was meant for you.

[–] A_A 2 points 2 weeks ago* (last edited 2 weeks ago)

Everyone is safe from Pegasus ...
Except cell phone owners (which is most everyone)
Exception to the exception : people who know about this excellent FOOS tool (and know someone who can use it) - - thanks

[–] BrianTheeBiscuiteer 3 points 2 weeks ago

Ugh. So it looks like I can't even do this with Termux. Gotta dig out one of my few cables that does data transfer.