Over the past few years, we have seen how Pegasus, the spyware developed by Israeli cyber weapons company NSO Group, has affected iPhone users around the world. But now, Kaspersky says it has created a tool that can let users check whether they have spyware installed on their device.
The company says it has developed a “lightweight” way to detect various “sophisticated iOS spyware” such as Pegasus, Pegasus-like threats – Reign and Predator – and is offering it as a self-check tool for all users. is available.
how it works
It does this by analyzing ‘shutdown.log’, which the company calls a “previously unknown forensic artifact”. It was also found that Pegasus infection can leave traces in shutdown.log, and can be found in the sysdiagnose collection of iOS. “This collection retains information from each reboot session, meaning that anomalies associated with the Pegasus malware become apparent in the logs if an infected user reboots their device,” Kaspersky notes.
Those found include examples of “sticky” processes with imminent reboots and other traces. Also, when analyzing shutdown.log, when infected with Pegasus, a common infection patch -‘/private/var/db/’- can be seen. This is also seen in infections caused by other iOS malware such as Predator and Reign.
How to check for infection and protect yourself?
Kaspersky has created a self-check tool for users, and it is available on GitHub for everyone to see. To make it accessible to more and more people, the company has made it available for macOS, Windows and Linux.
Kaspersky also lists ways to protect yourself from this malware:
– Reboot your device daily.
– Go into lockdown mode.
– Disable iMessage and FaceTime.
– Download the latest software updates.
– Do not click on foreign, random links you receive.
– Check backups and Sysdiags frequently.
Follow us on Google news ,Twitter , and Join Whatsapp Group of thelocalreport.in
