'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Is your phone infected with Pegasus spyware? This $1 app can check
Between unencrypted messaging hacks, data breaches, and AI scam calls, smartphone-centered security threats appear to be everywhere. iVerify found that one type of spyware is trying to make a comeback.
Also: Why you should power off your phone once a week - according to the NSA
Last week, the mobile security firm resurfaced findings from its spyware detection feature: Out of 2,500 device scans that customers submitted for inspection, seven devices had been infected by the infamous Pegasus spyware.
The commercial spyware and phone hacking tool made headlines in 2021 when it was discovered on the personal phones of journalists and government officials. As ZDNET's Charlie Osborne explained, Pegasus spyware can "extract handset information, harvest conversations taking place over apps including WhatsApp and Facebook, monitor email clients and browser activity, record calls, and spy through their microphone and camera" -- all without a user's knowledge.
According to iVerify's blog post, in May 2024, the security company launched an investigation to widen the scope of how mobile malware investigations are conducted to provide ordinary people with the ability to perform a "professional-grade security scan" in just five minutes. With iVerify's "Mobile Threat Hunting feature," available via the iVerify Basic app, anyone can scan almost all the data on their iPhone or Android for a one-off payment of just one dollar.
Also: FBI, CISA urge Americans to use secure messaging apps after massive cyberattack
Pegasus was developed by the Israeli cyberintelligence firm NSO Group, which claims to largely sell the tech to governments to detect and prevent terrorism globally, tackle criminal activity, and surveil dissident behavior. However, in the last decade, NSO's Pegasus malware has reportedly been used in at least 45 countries, infecting the phones of activists, journalists, and human rights organizations.
Needless to say, it's probably a good idea to check your phone. Here's how.
How to use iVerify to scan for spyware
IVerify's "Mobile Threat Hunting" feature utilizes malware signature-based detection, heuristics, and machine learning to scan for anomalies in iOS and Android devices and signs of spyware infection.
Also: How to stop spam texts on your iPhone in 3 easy steps
The company offers a free version of the feature for anyone who downloads the iVerify Basic app for iOS or Android for $1, while paying iVerify customers can use the tool regularly to check devices for potential compromises. Free users can use the tool once a month.
A few things to know: To run the Mobile "Threat Hunting" feature, users must enter an email address so the company can contact them if a scan turns up spyware. Currently, the iVerify Basic app is only available for phones and iPads.
1. Download the iVerify Basic app
2. Begin the scan
Once you download the app, you should see the "Threat Hunting" feature on the home screen. Tap "New Forensic Scan" to begin.
The app will then direct you to "press and hold both volume buttons and power button for 0.5 to 1 seconds." The scan will begin after you feel a vibration.
Also: iOS 18.2 with Apple AI is available for iPhone. How to download it (and which models support it)
Once the buttons are pressed and the scan is triggered, the app will begin uploading data.
3. Submit your email for results
When the scan is complete, you will be given instructions to submit your scan results to iVerify for analysis by providing an email address. If the company finds anything suspicious or concerning in the results, it will contact you via email.
For me, it said that no threats had been detected.
iVerify also offers a subscription service to enterprise companies and other organizations that scan devices continuously.