Do you think someone hacked your phone? Is the government spying on your device? In an era of increased access to the internet with our smartphones, it is possible to get hacked and spied on. The word is easy. It is easy to get spyware installed without your knowledge. Mobile Verification Toolkit (MVT) is a tool you can use to do a consensual forensic analysis of your Android and iOS devices to see whether it is compromised.
A program called Pegasus spyware, founded in 2010 by Israeli firm Pegasus NSO group technologies, makes it possible to spy on mobile devices remotely. According to reports, Pegasus spyware is enabling governments everywhere to hack into the smartphones of thousands of human rights activists, journalists, and politicians.
Use This Mobile Verification Toolkit To Check For Spyware
Amnesty International Security Lab researchers conducted an in-depth analysis of smartphones, and in July 2021 launched an MVT tool to check if the NSO Group Pegasus spyware infected your smartphone. Here is how you can use it:
Key MVT Features
Some features of what the Mobile Verification Toolkit does:
- Decrypt encrypted iOS backups.
- Process and parse records from the iOS system.
- Extract installed applications from Android devices.
- Extract diagnostic information from Android devices.
- Compare extracted records to a provided list of malicious indicators
- Generate a unified chronological timeline of extracted records
- Generate a timeline of all detected malicious traces.
Requirements and Installation
Note that MVT requires Python 3.6 or later to run. Please verify that MVT is available on your operating system before moving forward. MVT is best run on Linux or Mac systems. It does not currently support running on Windows.
If you want the tool to scan your phone for signs of Pegasus, you’ll need to feed in Amnesty’s indicators of compromise , which are available on its GitHub page.
Once you set off the process, the toolkit scans your phone backup file for any evidence of compromise. It then spits out several files in a folder with the results of the scan. If the toolkit finds a compromise, it will say so in the outputted files.
The detailed documentation for MVT can be found here for more guidance.