NSO Group Pegasus Indicator of Compromise

Amnesty International published technical details about its forensics investigation which includes information about the evolution of Pegasus spyware infections since 2018. The researchers also shared data related to the Pegasus’s infrastructure, including more than 700 Pegasus-related domains. All indicators of compromise are available on our GitHub , including domain names of Pegasus infrastructure, email addresses recovered from iMessage account lookups involved in the attacks, and all process names Amnesty International has identified as associated with Pegasus. Amnesty International is also releasing a tool we have created, called Mobile Verification Toolkit (MVT). MVT is a modular tool that simplifies the process of acquiring and analysing data from…