Pegasus’ reappearance in the news cycle a few weeks ago brought this spyware back to the forefront. Its invulnerability to iOS 14.6 made it particularly dangerous, as it was one of the newer versions of iOS. Now and thanks to iMazing and Amnesty International there is a simple and free tool to check if our iPhone has been infected with Pegasus. Let’s see what it consists of.

A tool based on the work of Amnesty International

A few weeks ago, Amnesty International released its Mobile Verification Toolkit, a free tool hosted on GitHub that allowed us to check if our Android or iPhone device was infected. The tool is not easy to use by users unfamiliar with the command line, so it has distanced the target audience from Pegasus a bit by authoritarian regimes (journalists, dissidents, etc.).

Now iMazing has added a test to its popular device maintenance app to detect Pegasus spyware. And it does it for free, building on the work of Amnesty International. Its intention is not to “spread fear”, since the vast majority of iPhone users are not in danger, but rather to “lower the barrier of entry” of the tool.

From iMazing, they make sure that the use of the tool is anonymous and free, even after the 7 day trial period of the app. All scans take place on our Mac or PC and none of our data is uploaded to the cloud or to any of our servers or third parties. To give us peace of mind, the company encourages that the backup their app works with be encrypted.

Pegasus is aimed at specific users who “annoy” certain authoritarian regimes, so that the general user can rest

It should be remembered that these types of Pegasus attacks are aimed at specific topics. The “contagion” occurs as soon as a link is received, which it is not even necessary to open (hence its danger). As always, we recommend that you update iOS to the latest version, with iOS 14.7.1 being the one supposed to fix the bugs that Pegasus takes advantage of.

How to use iMazing to detect Pegasus on your iPhone

First, we will need to download and install the latest available version of iMazing. By following the steps, we’ll have it ready to use. On our Mac, we need to go to System Preferences> Security & Privacy> Privacy and mark iMazing in the Full Disk Access folder. This way we will allow the app to work with a local backup of our device.

Then we connect our iPhone to the computer and agree to trust it if we haven’t already. We open iMazing and select it. Then we will search for Detect Spyware tool and click on it, at which point the guide to run it will open.

We’ll go through the steps, configuring the spyware “checker” as desired. We will accept the terms and conditions and start the analysis. It may take up to an hour, depending on how much data is in your iPhone. But the normal thing is we see this result, showing zero spyware threats:

In the remote case where you see a positive, iMazing asks you to send the results report to them to rule out a false positive. While they are solving it, they recommend that you remove the SIM card from your iPhone and turn it off.

The only way to get rid of Pegasus, if we suspect or know from the tool that we are infected, is to put iPhone in DFU mode and restore it from scratch. It is the most effective way to get rid of this spyware.