The report, released on Sunday, July 18, explained how Amnesty found forensic traces on affected iOS and Android devices targeted by the Pegasus spyware, releasing technical notes on what they did to check for it.
Aside from this, Amnesty also made public its Mobile Verification Toolkit (MVT) for Pegasus detection, which takes different steps to determine the presence of Pegasus on an Android or iOS device.
The MVT will help users take a backup of their iPhone and check it against indicators of compromise used by NSO to deliver the Pegasus spyware as a payload that might be sent through text or email.
Encrypted iPhone backups can also take advantage of MVT, as MVT can decrypt the backup without requiring the creation of a new copy.
On Android phones, meanwhile, TechCrunch says the MVT scans your Android device backup "for text messages with links to domains known to be used by NSO. The toolkit also lets you scan for potentially malicious applications installed on your device."
TechCrunch found one indicator of compromise in their use of the MVT, which turned out to be a false positive after checking with Amnesty researchers. A new scan with the updated indicators showed no sign of Pegasus on the tested device.
As the MVT is open-source, here's to hoping a graphical interface for the toolkit is released in the future to make it easier for everyone to use. – Rappler.com
Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.