How to detect Spyware Pegasus on Android and iOS

Cedric Ferry
3 min readJul 22, 2021

Pegasus is a spyware developed by the Israeli cyberarms firm NSO Group. Target phones can be infected by a simple WhatsApp call.

A tool to detect if Pegasus is installed on your phone

Amnesty International as developed Mobile Verification Toolkit, MVT in short. MVT can be install with python as you will see below. it will help you for both Android and iOS.

MVT will scan your iPhone or Android backup to find out if your phone is compromised.

TL;DR;

I’ve written a little program to make this easier it can be found her

Installing MVT

no matter if you are using Android or iOS, you will need MVT

Open the Terminal:
pip3 install mvt --user

pip3 is installing mvt

The --user is prevent any permission issue

Android procedure with device

Enable developer mode

mvt is using ADB in order to read device information, and you will need to enable developer mode:

  • go to Settings
  • find About this phone
  • local “Build number” and tap multiple times

Then head to Settings and locate Developer options

Scroll to USB debugging and enable it

Running the analysis

If you are and Android Developer, make sure Android Studio is closed.

Open the Terminal and run

$ ~/Library/Python/3.8/bin/mvt-android check-adb

--

--