source : https://iverify.io/blog/iverify-mobile-t...us-samples
For years, our understanding of mobile threats was based on a dangerously narrow foundation. Research into mobile malware was limited to a microscopic sample of devices—typically those belonging to high-risk targets like journalists, political activists, and government officials. These early studies were critical to understanding the new threat landscape, but their limited nature left a huge blind spot in understanding the scale of mobile threats.

Imagine trying to understand the entire ocean by examining just one spoonful of water. That was the situation with mobile security. Research was expensive, time-consuming, and only available to a limited number of people with specialized forensic skills and resources. Each study typically covered just a few devices, often already selected because they were suspected of being compromised.

The result? A fundamentally distorted perception of mobile security. Spyware like Pegasus was perceived as a rare, targeted threat—something that might affect members of civil society, high-profile executives, or political representatives, but certainly not the average business professional or smartphone user. We told ourselves convenient stories about the rarity of these threats without truly understanding the situation.

Our approach at iVerify was simple but revolutionary: What if we could democratize mobile threat hunting? What if every smartphone user could run a professional security scan in just five minutes?

In May 2024, we did just that.

iVerify launched Mobile Threat Hunting, a study that revealed critical insights into the current state of mobile security. Our initial research included 2,500 devices self-scanned by our users and resulted in new detections of the now-famous Pegasus mobile spyware.

Democratizing Mobile Threat Detection: The Unexpected Path
When we launched Mobile Threat Hunting, we didn’t know we’d challenge everything the tech world thought about mobile security. We built a solution that put powerful threat detection right in the hands of users – a full threat scan that takes just five minutes, right on their smartphone.

What happened next was a revelation. As part of the launch, we offered our users a one-time threat hunt using our iVerify app. To our surprise, without a single ad, 2,500 of our users agreed to scan their devices. (Note: If you’re a current iVerify user, you can still take this scan. If not, download the app and scan your device.) The results of these scans confirmed what we already suspected: If you look for it, you will find it. We found seven Pegasus infections – a number that may seem small, but is a huge red flag in the world of mobile security.

These weren’t just fresh infections. Our analysis revealed a complex timeline of compromises: one infection from late 2023 on iOS 16.6, another potential Pegasus infection in November 2022 on iOS 15, and five older infections dating back to 2021 and 2022 on iOS 14 and 15. Each of these devices could have been quietly monitored and its data compromised without the owner’s knowledge.

This discovery confirmed our hypothesis that spyware is widespread on mobile devices, hiding in plain sight and undetected by traditional security tools.

Our research found 2.5 infected devices for every 1,000 scans, significantly higher than any previously published reports. However, it’s important to understand the context of this data:

- Target Sample: These 2,500 devices represent the population most susceptible to attacks using advanced spyware.
- Non-universal representativeness: This sample does not represent all iVerify devices.
- High Risk: Devices belong to journalists, government officials and corporate executives.

The results revealed a critical truth: We can only understand the true scale of mobile threats if we look closely. By democratizing malware detection, we not only protect devices, we shine a light on the darkest corners of mobile security, empowering users to understand and protect against threats that were previously invisible.

This wasn’t just a technical achievement. It was a fundamental shift in our approach to mobile security — putting the power back in the hands of users, one five-minute scan at a time.

Understanding Pegasus: A Sophisticated Surveillance Tool
Developed by the NSO Group, also known as Rainbow Ronin, Pegasus represents the pinnacle of invasive spyware technology:

- Full control over your device: Access messages, emails, call logs, photos.
- Zero-click attacks: Infection without user interaction.
- Operating System Vulnerabilities: Exploits for iOS and Android.

iVerify Research
Our investigation in May 2024 revealed several Pegasus variants:

- 5 Unique Types of Malware for iOS and Android
- Forensic artifacts found in:
  - Diagnostic data
  - Shutdown logs
  - Crash logs

I will be presenting a detailed analysis of the Pegasus sample this Friday at OBTS v7.0. If you are not in attendance, the session will be live streamed. I will also be publishing a technical article in the coming weeks where I break down this sample and share it with the industry.

Why Hunting Mobile Threats Matters
Traditional security models fail to capture the nuances of mobile threats. Previously, Pegasus detections were rare due to a lack of effective solutions to detect them, but as threat detection and remediation methods improve, we believe there are far more compromises than is commonly believed.

As Powers said, “You can’t see what you don’t understand. But what you think you understand, you won’t see.” As an industry, we believe mobile security is good, but if we took the time to inspect devices, we would realize the threat was far greater than we thought.

The good news is that we have built the ability to do this at scale and in a privacy-friendly manner. Our investigations reveal a critical truth: we cannot understand the scale of mobile threats unless we look closely. iVerify is committed to bringing these hidden threats to light and protecting individuals and organizations in an increasingly digitally complex world.