How to Detect Pegasus Spyware on Your iPhone or iPad

IMPORTANT: Most recently, Apple launched iOS 14.8 that blocks this spyware, so be sure to update all of your devices immediately to the latest version. This will ensure the security of your device.

[Disclaimer: Zeus App does not prevent any possible malware infection. It only detects known signs of current or past infectious activity by looking for malicious file names, links, etc. Scan results do not guarantee your device is 100% clean from malware. Some results can be difficult to interpret and might contain false assumptions.

Please read the documentation carefully before proceeding. It is of significant importance to understand the scope and limitations of Zeus App's analyzer in order not to develop a false sense of safety and security – see in the Scope below. This software cannot be replaced or considered as expert support and assistance.]

Zeus is a malware detection tool that is available as a free app on the official Softorino website. It can be used to identify any known signs of infection by NSO's Pegasus and may be developed further to be able to detect other infections. 

The app provides users with the ability to define whether there are any actual or possible traces of the Pegasus infection. It helps prevent further malware infections and provides a safe backup for your device to protect user data from interaction with Pegasus.

Zeus App was created at the core of the open-source Mobile Verification Kit by Amnesty International’s Security Lab. 

How to detect Pegasus spyware and other possible infections with Zeus App

• Download Zeus App on your PC and connect your iPhone/iPad via USB

• Unlock your iOS device to establish a connection with your computer

• Once detected by Zeus, click on Run Full Spyware Test

• Follow the instructions to complete the analysis

• You will receive the report on possible spyware existing on your iPhone/iPad

1. Before you begin

Please read this part about Softorino's commitment and privacy protection carefully before you start working with Zeus.

1.1 Our commitment: full transparency

You can download the app from the website right away with no need to purchase any other software license or pay for anything. It is available without any restrictions and works as an independent app that is free to download*. 

*Any kind of donation is voluntary and welcome if you are satisfied with the app.

1.2 Privacy and internet connectivity

The spyware analyzer tool will search for any detectable signs of infection in a backup of your iPhone/iPad. Both processes take place on your computer only — this means none of your personal data or files go to any third parties. 

It is recommended to enable backup encryption that will protect all your personal data in the future.

Zeus app requires an internet connection only to update the software.

1.3 Scope and limitations

Zeus app analyzes the latest backup of your iPhone or iPad to spot any traces of spyware. Such detection mostly depends on searching for references to known malicious links, email addresses, file names, etc. 

Successful detection of less known or widespread infection patterns depends on logic contained in Zeus App's code. Therefore, it is necessary to make sure Zeus app is working with the latest updates before running a spyware test.

2. In-depth tutorial

Step 1: Install and launch Zeus App

Make sure to download and read more about Zeus App in advance on the official Softorino website:

After the download is complete, launch Zeus and accept the terms of a User Agreement.

Follow the instructions on the right side of the app's window.

Step 2: Connect your device to the app

After launching the Zeus app, connect your iPhone or iPad via a USB cord to establish a connection between your computer and your iOS device. Zeus app will recognize it afterward as well. 

💡 Security tip: if it is your first time connecting your mobile device to your computer, Zeus will display a pairing screen. Pairing is an Apple feature that establishes a secure link between your iOS device and your computer. Pairing requires you to enter a passcode on your device. 

Step 3: Run a backup for your device

You should create a new backup to your local disk to proceed with the spyware test. You can change your backup location and the device if you have done a spyware check with another iPhone or iPad.

Click "Start Backup & Scan" to run the backup. It may take up to 15-60 minutes depending on your device's capacity.

Analysis Report

The analysis will be based on the latest backup. It is done to analyze the file system on your iPhone or iPad and detect if there are any patterns or traces of spyware attacks.

Step 4: Review backup options

As mentioned above, these features give you the opportunity to change the backup location and desired device if you have worked with any beforehand. 

Step 5: Unlock your backup and start the scan

After having copied files to a local disk, Zeus will ask you to enter your iPhone's or iPad's password to unlock your device's backup. Scanning the malware will automatically start right away. It will take up to several minutes to finish the backup analysis.

3. Interpreting results

Once the analysis of your device's backup is complete, Zeus will show you the result window with three possible scenarios:

• Clean or Green status: no malware detected whatsoever

• Warning or Yellow status: possible traces of spyware detected by the system

• Spyware or Red status: signs of NSO Pegasus have been found on your device

3.1 Clean scan

This is what the dialog looks like after a clean scan:

A clean report only means that no traces of spyware known to the Zeus app were detected, and there is still no 100% guarantee that the device is not infected. 

3.2 Positive detection and possible traces

This is what the dialog looks like after Zeus has detected possible traces of Pegasus:

If the app detected the actual spyware signs, its screen will look like this:

After it has detected possible or actual traces of spyware activity, Zeus will give you several recommendations on what to do next. It is recommended to backup your device to iCloud, update your device, and restore all the data from this last backup.

This will help you save your files and data without the risk of losing them.

You can also change the location for your last backup. This feature is available by clicking on the dedicated field above the "Check Another iPhone" button.

3.3 What if Zeus App says my device is infected?

Even if Zeus App tells you that you have any type of spyware, there’s still the possibility that it’s a false positive. To be sure, we recommend sending your results to the Softorino support team and verify if it’s real malware. And if you are in any way connected to the government, we highly encourage you to eject the SIM card from your iOS device and shut it off completely.

If the app helped you protect your device, you are welcome to send a donation to app developers. You can do so by clicking "Donate to support developers" on the bottom right side of the app's window.

If you need assistance with any question, you can always reach out to support@softorino.com 

This app does not track any personal data, user behavior stats, nor collects them. Zeus App does not share any of the data with Softorino Inc. or other third parties. It only uses the network connection for the purpose of software updates

Josh Brown

CEO at Softorino

Twitter

LinkedIn