iVerify Unveils Disturbing Prevalence of Pegasus Spyware on Mobile Devices
In an investigation, iVerify has revealed the pervasive presence of the notorious Pegasus spyware in mobile devices, uncovering seven infections in a sample of 2,500 user-scanned devices. This discovery challenges long-standing assumptions about the rarity of advanced spyware threats.
Historically, mobile security research has been hampered by limited access to compromised devices. “For years, our understanding of mobile device threats was built on a dangerously narrow foundation,” states the iVerify report. Investigations were restricted to high-risk targets such as journalists and government officials, leaving a significant blind spot in understanding the broader scope of mobile compromises. “Imagine trying to understand an entire ocean by examining a single teaspoon of water,” the report analogizes.
This traditional approach led to a perception that spyware like Pegasus was a rare and targeted phenomenon, largely affecting high-profile individuals while sparing everyday users.
The findings of iVerify’s investigation were striking. Analysis of 2,500 self-scanned devices revealed seven confirmed Pegasus infections, including instances dating back to 2021. This discovery challenges the prevailing notion that Pegasus and similar spyware are exclusively deployed against high-value targets.
Pegasus, developed by the NSO Group and referred to by iVerify as Rainbow Ronin, represents the pinnacle of invasive spyware technology. Its capabilities include:
- Complete Device Control: Accessing messages, emails, photos, and call logs.
- Zero-Click Attacks: Infection without user interaction.
- OS Exploitation: Leveraging vulnerabilities in iOS and Android.
The iVerify investigation detected forensic artifacts such as diagnostic data, shutdown logs, and crash logs, offering critical insights into Pegasus’s operation.
“These weren’t just recent infections,” the report emphasizes. “Our analysis revealed a complex timeline of compromise.” The presence of both recent and older infections suggests a sustained and widespread campaign targeting a wider range of individuals than previously understood.
The implications of iVerify’s findings are significant. By demonstrating the feasibility of widespread Pegasus infections beyond the traditional target profiles, the report underscores the urgent need for a more proactive and comprehensive approach to mobile security.
“This wasn’t just a technical achievement,” the report asserts. “It was a fundamental shift in how we approach mobile security – putting power back into the hands of users, one five-minute scan at a time.”
The company’s continued research will be shared at the upcoming OBTS v7.0 conference, with a technical blog post to follow.