In December, we published our groundbreaking investigation into mobile device threats. The public didn't just read the report—they took action, scanning over 18,000 unique devices through iVerify, revealing 11 new Pegasus detections. 

These latest detections reveal a clear pattern that demands attention. The availability of thousands of new scans for analysis from the business community demonstrates that Pegasus is not just a civil society problem. The victims of these new detections are mostly business executives, who have access to future business dealings, financial data, and influential professional networks.

Each scan is more than a data point – it's a declaration that users are no longer willing to accept the status quo of mobile device security. 

Our co-founder Rocky Cole summed it up perfectly in WIRED, "The age of assuming that iPhones and Android phones are safe out of the box is over. The sorts of capabilities to know if your phone has spyware on it were not widespread. There were technical barriers and it was leaving a lot of people behind. Now you have the ability to know if your phone is infected with commercial spyware.”

Details on New Detections 

Last May, we democratized mobile threat hunting by launching a $1 application that allows members of the general public to scan their devices for signs of advanced compromise, like Pegasus. Around 3,000 people scanned their devices and the result was 7 true positive Pegasus detections, constituting around 2.5 infections for every 1000 phones scanned. We reported only true positive Pegasus detections that we could definitely prove and where we were able to verify the identity of the end user via outreach. We acknowledged that the initial incidence rate likely skewed heavily towards highly targeted individuals or people who already thought their device might be compromised; nonetheless, this ‘natural experiment’ received significant press coverage.

Following the extensive press coverage, 18,000 more people downloaded our iVerify Basic application and scanned their devices, and the result was that we detected 11 new cases of Pegasus in December alone. 

The addition of these new detections brings our global incidence rate down to around 1.5 Pegasus detections per 1000 scans; however, the larger sample size increases our confidence that this figure represents something closer to the true incidence rate and allows us to draw potentially more interesting conclusions. For example, we see signs that mobile compromise extends beyond high value targets like politicians and activists, and indeed, appears to impact a broad cross section of society. The new confirmed detections, involving known variants of Pegasus from 2021-2023, include attacks against users across government, finance, logistics, and real estate industries. Many were attacked with multiple variants and monitored for years.

What’s more, in about half the cases, the targets did not receive Threat Notifications from Apple. These individuals would not have known their devices were compromised if they had not been using iVerify. There will likely be more discoveries as we are still investigating multiple cases where forensic traces indicate possible attacks, as new scans are submitted to iVerify daily.

A Heartfelt Thank You to Our Community

To every individual who took five minutes to scan their device: thank you. Your curiosity, your vigilance, your commitment to digital privacy – these are the tools that are truly democratizing mobile security. You're not just protecting your own device; you're helping create a broader understanding of mobile threats that have long remained hidden.

What We've Learned

Our technology has confirmed what we've long suspected: mobile threats are far more prevalent than traditional security models suggest. By putting powerful threat detection directly into users' hands, we're challenging the narrative of mobile device safety.

Each scan is a beacon of light, illuminating the dark corners of mobile security. And the more we look, the more we find.

If you haven't yet scanned your device, now is the time. The five-minute investment could protect you from sophisticated spyware that operates entirely without your knowledge.

Download iVerify today. Join a community that's changing the landscape of mobile security, one scan at a time.

Together, we're not just detecting threats – we're dismantling them.