How to detect Pegasus on Android, just as on iOS, is a very common question these days after the latest attack by this spyware on two members of the Spanish Government. Leaving aside the social alarm that this spyware has partly caused, is it really possible to detect it? Yes, but we warn you up front that it is an almost impossible task.
Detecting Pegasus on iPhone with tools like iMazing is not easy, but it is possible. On Android, however, the matter is further complicated by the peculiarities of the system and the silent, almost hidden nature of Pegasus. Not even the best mobile antivirus apps are effective for this task. The reasons, and how to at least try to detect it, are listed below.
The reason we will (probably) never be infected by Pegasus
First of all, we want to give some context and talk a little about the origin of Pegasus. It is malware developed by the Israeli company NSO, and it is fundamentally aimed at spying on high-profile individuals: members of governments, opposition politicians, leaders of important companies, journalists with high-profile information…
Pegasus is not aimed at ordinary citizens, given both its sophistication and the high cost of hiring it.
In short, Pegasus is designed to attack the devices of people around the world who hold a certain power and interest, for which some person (or rather an entity or organized group) would be willing to pay the roughly half a million dollars it costs to hire it, according to estimates from The New York Times a few years ago. And no, Pegasus is not new: its first attacks were already known in 2016.
Therefore, first of all we must tell you that it is very unlikely that someone will decide to attack you personally with Pegasus. It is contracted individually, that is, each contract covers a single attack that is non-refundable regardless of whether it succeeds. So, conspiracies aside, I think few people can be the focus of these infections.
From the moment it gets in, it shows signs of sophistication
Regardless of whether we are more or less likely targets for this spyware, the truth is that we would most likely never become aware of it, at least not on our own by investigating the phone or using the appropriate tools. From the moment Pegasus enters the smartphone (it can be through a simple link, though one far more sophisticated than ordinary phishing) we would be lost.
A harmless-looking SMS message with a link to a “safe website” and a clean, silent entry are the main ingredients of Pegasus.
Both Google’s security updates and those of the manufacturers of Android skins aim to cover possible vulnerabilities in devices, but Pegasus always gets in through unknown exploits, even supplemented by fake cell towers or external devices capable of masking an apparently harmless link and taking us to a different website.
Pegasus also relies on privilege escalation to carry out its espionage, obtaining administrator permissions completely silently. Not even the sending of our data will be visible and, of course, you will not be able to recognize it among the system processes.
Its detection is an almost impossible task
There is a tool to detect Pegasus, but it is for professionals
In line with what we mentioned in the previous paragraph, the fragmentation of Android versions considerably complicates the detection of Pegasus. Not only might there be no single file in the system, but it could be spread throughout it and be practically unrecognizable thanks to its excellent camouflage.
Amnesty International’s tool, called MVT, can help search for traces on both Android and iOS. Nevertheless, it looks really complicated to use, even more so if you do not have a high level of technical knowledge of the operating system.
MVT, which stands for Mobile Verification Toolkit, does not provide a detection system per se, but rather serves as an aid for extracting forensic evidence of the presence of Pegasus in the system. Therefore, there is no easy detection method in which we simply press a button, a scan is performed and we get an answer. At least not today.
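As an added illustration (not part of the original article and not MVT's own code), the Python example below shows one kind of check that this sort of forensic work involves: links found in extracted SMS messages are compared against a list of known-bad domains. The function names, the record layout and every domain and phone number are constructed for this example.

```python
import re
from urllib.parse import urlsplit

# Constructed indicator list; a real investigation loads published IoC files.
INDICATOR_DOMAINS = {"bad-tracker.example", "cdn.login-portal.invalid"}

# Constructed SMS records, shaped like rows exported from a phone backup.
SMS_RECORDS = [
    {"id": 1, "sender": "+10000000001",
     "body": "Your parcel is waiting: https://Track.Bad-Tracker.example/p?id=7"},
    {"id": 2, "sender": "+10000000002",
     "body": "Lunch at 2? Menu at https://restaurant.example/menu"},
    {"id": 3, "sender": "+10000000003",
     "body": "Verify account http://cdn.login-portal.invalid./a and reply"},
    {"id": 4, "sender": "+10000000004",
     "body": "Details: https://notbad-tracker.example/x"},
]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def extract_hosts(text):
    """Return normalized hostnames (lowercase, no trailing dot) of URLs in text."""
    hosts = []
    for url in URL_RE.findall(text):
        host = urlsplit(url).hostname
        if host:
            hosts.append(host.rstrip(".").lower())
    return hosts

def matching_indicator(host, indicators):
    """Match the host or any parent domain, on label boundaries only."""
    labels = host.split(".")
    for i in range(len(labels) - 1):  # never test the bare top-level domain
        candidate = ".".join(labels[i:])
        if candidate in indicators:
            return candidate
    return None

def scan_sms(records, indicators):
    """List every message whose link points at an indicator domain."""
    findings = []
    for rec in records:
        for host in extract_hosts(rec["body"]):
            hit = matching_indicator(host, indicators)
            if hit:
                findings.append({"id": rec["id"], "host": host, "indicator": hit})
    return findings

if __name__ == "__main__":
    for finding in scan_sms(SMS_RECORDS, INDICATOR_DOMAINS):
        print(finding)
```

A match only flags a message for closer review, and an empty result shows nothing more than that none of the listed domains appeared in the messages examined.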
Practical tips to avoid this and other malware
As for avoiding infection by Pegasus, we emphasize again how highly improbable it is that ordinary people will be infected. In any case, as is always recommended, do not trust SMS messages or emails with links that, although they seem normal, may be phishing. When in doubt, it is always advisable to contact the person or entity that supposedly sent the links through a safe and well-known channel.
Similarly, always try to avoid downloading apps or files of any kind that are suspicious, even more so if they come from places other than Google Play or an official site that has certified their security.
Always being suspicious of received links, not downloading unreliable apps and having the latest version of the system available are key to prevention.
Another measure that is always recommended, and that also applies to operating systems other than Android, is to keep the software updated to the latest version. In this way you can ensure that you have the latest security patches and that your mobile will be less vulnerable. And we emphasize the “less” because (surprise) you will never have a 100% secure mobile.
As we mentioned recently about the use of Faraday covers or boxes for mobile phones, the most effective method to avoid hacking is to keep the mobile turned off and never turn it on. A solution that may sound paradoxical and even stupid, but that will always be the most effective. Obviously, this will not be ideal for you, so using your mobile with common sense and following advice such as that mentioned above could be more than enough.