Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Catching NSO Group's Pegasus Spyware

media.ccc.de via YouTube

Overview

Explore the behind-the-scenes investigation of NSO Group's Pegasus spyware in this 45-minute conference talk. Gain insights into Amnesty International's Security Lab's multi-year tracking efforts and the development of innovative forensic tools to detect the supposedly "undetectable" Pegasus spyware on infected devices. Learn about the open-source Mobile Verification Toolkit (MVT) used to identify traces of Pegasus on activists' and journalists' devices worldwide. Discover the methodology behind the global investigation into Pegasus abuses, including real-world examples from Morocco. Understand how MVT's features, such as ID Status Cache, network log analysis, and timeline functionality, contribute to uncovering sophisticated mobile spyware threats. Examine the impact of publishing forensic methodologies and tools on subsequent case discoveries.

Syllabus

Intro
Pegasus Project Global investigation into abuses of NSO Group's Pegasus abuses.
Pegasus found in-the-wild
A wild Pegasus message appears
Pegasus in Morocco
Mobile Verification Toolkit (MVT)
MVT: ID Status Cache
MVT: Network logs - evidence of infection
MVT: Timeline feature
Cases found following our publication of forensic methodology and tools
Conclusion

Taught by

media.ccc.de

Reviews

Start your review of Catching NSO Group's Pegasus Spyware

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.