New Pegasus Spyware Variants Discovered in Groundbreaking Mobile Security Study

A groundbreaking investigation by mobile security firm iVerify has revealed multiple new infections of the sophisticated Pegasus spyware on mobile devices, challenging previous assumptions about the prevalence of advanced mobile threats.

During a large-scale scanning initiative in May 2024, iVerify detected seven Pegasus infections after analyzing 2,500 devices through its newly launched Mobile Threat Hunting feature. The infections spanned multiple iOS versions, with the most recent exploit discovered on iOS 16.6 from late 2023.

"What we found validates our core hypothesis - these threats are more common than previously thought, they're just hiding in plain sight," said Matthias Frielingsdorf, Co-Founder and iOS Security Researcher at iVerify.

The investigation marked a departure from traditional mobile threat research, which typically examines only a small number of pre-selected high-risk devices. By making professional-grade security scanning accessible to everyday users through a 5-minute process, iVerify has pioneered a more democratic approach to threat detection.

The discovered infection rate of 2.5 devices per 1,000 scans is notably higher than previous studies have suggested. However, the company notes that the scanned devices belonged primarily to high-risk individuals like journalists, government officials, and corporate executives.

The Pegasus spyware, developed by NSO Group (referred to as Rainbow Ronin by iVerify), is capable of complete device takeover without requiring any user interaction. Once installed, it can access messages, emails, photos, and call logs while remaining undetected by standard security measures.

The investigation uncovered five distinct malware variants across iOS and Android platforms, with forensic evidence found in device diagnostic data, shutdown logs, and crash logs. Some infections dated back to 2021 and 2022, demonstrating how long such compromises can persist without detection.

"Traditional security approaches have left us with massive blind spots," Frielingsdorf explained. "By democratizing threat detection, we're finally getting a clearer picture of the true state of mobile device security."

This research represents a major shift in mobile security methodology, suggesting that comprehensive scanning of a broader device population may reveal more widespread compromise than previously understood.