Pegasus removal on Android mobile phone??

[Kev]

So the standard protocol to remove this nasty malware is to re-flash with know good fully audited ROM, and Toss the also infected SIM card.

Please don't mention those common compromised turnkey security ROMs claiming to be safe, which you are in fact self-pwning your hardware, by the same parties who have mischievous developers contributing to those, conveniently available ROMs.

Standard flashing only overwrites the [System partition] and [Boot partition], which is NOT effective by itself!

What exact steps running under Linux allows complete overwriting of the?:

[1] Vendor partition.

[2] Radio Partition

[3] "Misc" partition.

[4] Persist partition

[5] ODM partition.

Above done Before you install the clean custom built ROM.

Yes, i know there are 2 separate processors and OSes running underneath the main one you visually interface with, each having both 100-percent access to modify it real-time, after time spent doing clean-up. But i can address this part on the IC circuit level.

 

Moderators, please observe and remove any "suspected" rants DEFLECTING from the task we are trying to safely accomplish here.

[digininja]

Wouldn't it be easier just to get a new phone?

Anything that involves so much work to try to be secure often ends up failing because steps get cut or misunderstood and so not followed correctly.

Also once you put a custom ROM on there, you are responsible for keeping it patched which again isn't easy.

Finally, you are going to have to put apps on the phone to make it usable, what are you going to do to ensure all of those are fully trusted?

I'm sure what you are asking for is possible but often too complex to be practical and not worth the effort.

[Kev]

The Easy "Convenient" phone purchase, would seem like a quick fix, but its truly Not.

Technical Methods & Processes are my focus.

This type of attack can be repeated immediately after new phone purchase via OTA update and dialing your phone by spoofed number and "1 other sneaky way".How many phones are you willing to purchase per day, to play that silly game?

Also can be added to phone during mail shipment intercept or targeted via local regional cellphone providers/big box retails inventory.

Not trying to use every app. A very small set of audited and restricted custom made apps can be installed.

 

The ability to take a brand new or slightly older phone, decontaminate it, ensuring its secure state for use, during a period of time. Wash-rinse-repeat as necessary!

 

[digininja]

Good luck with it then, it's a lot of work you have to do perfectly every time and unless you know you are targeted then I reckon you'd get fed up of it very quickly.