|
|
|
|
|
|
by _fzslm
1804 days ago
|
|
|
no idea if this is still the case for the latest version of pegasus. but in 2019, it was observed that the malware tries to hide its tracks by cleaning DataUsage.sqlite, a database file that stores records of tx/rx on mobile data. but it left an observable inconsistency in doing so, wiping only one of the two pertinent tables. source[0] [0] https://twitter.com/billmarczak/status/1416801514685796352 |
|
|