You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

💡 Did you know?

⏺ If you can't accept iCloud Terms and Conditions... Learn more >

⏺ If you don't see your iCloud notes in the Notes app... Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Pegasus exploit?

I’ve read a lot about this topic before I decided to post a question.


In reality, is it possible to detect if my device was infected by Pegasus with scripts that have been posted on GitHub to detect it?


Now I know the story - Pegasus is expensive piece of spyware that usually hits people in politics, public names, activists etc. I wouldn’t call myself an activist but I have been posting on social media a lot about problems in society in my country and there was a lot of hate speech around it.


Here are all the things that happened. Now, for a while I didn’t have access to a secure Wi-Fi to update my iOS so I was running an old version of iOS for some time. During that period, all of a sudden, I started receiving calls from unknown numbers all around the world (Nigeria, Morocco, Cyprus, Germany, USA etc), SMS with links from unknown numbers (I haven’t clicked on any of them), two way authentication on my social media was shut down (the change I didn’t make) and some while later a lot of activity on my social media I didn’t make - bunch of posts, likes, changes of my personal information etc. Facebook, Instagram, twitter and such I don’t care that much for but the worst part was it started happening on my LinkedIn profile - I mean you name it, posts, sent invites to link with people I don’t even know, likes, followed pages and companies rose from some 50 to almost 2000, etc.

I checked the previous and active sessions on social media and I found multiple sessions opened with IP addresses from around the world.

I had problems with mobile data traffic - it was turning on and off by itself and it was sluggish when it was on. The phone operator checked all the settings and they said that everything is fine and that it’s not a problem on their side. My battery was draining really fast and I also noticed some pictures missing from my gallery as well as some notes.

All of this stopped when I updated my iOS and reset all my passwords.


Now is it possible that during the period I ran old version of iOS someone did zero click exploit on my phone and downloaded my saved passwords from the phone?

I don’t know how to explain all this in any other way and I haven’t heard of any other spyware or viruses that have that kind of abilities other than Pegasus.

And even if I send my phone to analysis, AFAIK, to find the source of exploit or even if it was infected is virtually impossible.


Thoughts?

iPhone 12 Pro, iOS 15

Posted on Apr 29, 2022 4:21 AM

Reply
Question marked as Top-ranking reply

Posted on Apr 29, 2022 2:24 PM

These questions are approximately useless without direct forensic access to the (potentially) effected devices, and without rather more knowledge of whether you're a likely target, and if you're at all concerned if this happened wipe and reload with the most current iOS and reset all of your passwords.

Similar questions

2 replies
Question marked as Top-ranking reply

Apr 29, 2022 2:24 PM in response to Boomslang84

These questions are approximately useless without direct forensic access to the (potentially) effected devices, and without rather more knowledge of whether you're a likely target, and if you're at all concerned if this happened wipe and reload with the most current iOS and reset all of your passwords.

Pegasus exploit?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.