Security News > 2024 > January > iShutdown scripts can help detect iOS spyware on your iPhone

iShutdown scripts can help detect iOS spyware on your iPhone
2024-01-17 18:03

Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.

Kaspersky released Python scripts to help automate the process of analyzing the Shutdown.

Log file can only write data containing signs of infection if a reboot is performed after the compromise, Kaspersky recommends restarting the device infection often.

Kaspersky initially used the method to analyze iPhones infected with Pegasus spyware and received the infection indicator in the log, which was confirmed using the MVT tool developed by Amnesty International.

A similar path visible in the Shurdown log file is also often used by the Predator spyware that targeted lawmakers and journalists.

Based on this, Kaspersky researchers believe that using the "Log file may be able to help identify infections by these malware families," provided that the target reboots their phone frequently enough.


News URL

https://www.bleepingcomputer.com/news/security/ishutdown-scripts-can-help-detect-ios-spyware-on-your-iphone/