How To Remove Pegasus Spyware From Infected iOS Devices

Pegasus spyware removal for iOS devices. Here’s what you need in order to remove or delete Pegasus spyware from your infected iPhone, iPad or iPod touch devices.

It’s one thing to know about the vulnerabilities and exploits that existed in iOS prior to iOS 9.3.5 firmware being released by Apple, and it’s another thing entirely to find out whether or not your iPhone, iPad or iPod touch device has been infected by that malicious code.


If your iPhone or iPad has been infected by the recently revealed Pegasus bug, then of course you’re going to want to run through the process of actually removing that threat from the device. We are going to walk you through the process here on how to remove it, with the guide split into two different parts; for those with a stock non-jailbroken iOS device, and those with a jailbroken device.

As some of you may have already understood, it is those with a jailbroken iPhone or iPad that are more vulnerable to it even though Pegasus affects both jailbroken and non-jailbroken devices. So without further ado, here’s what you need to do:

Non-jailbroken devices:

If you happen to have a non-jailbroken iPhone, iPad or iPod touch and you don’t care about jailbreaking, then the solution is relatively easy; upgrade that device to the latest iOS 9.3.5 firmware made available by Apple. Apple’s iOS 9.3.5 firmware was released without warning purely to patch the vulnerabilities within the system that allowed devices to be vulnerable to Pegasus infection.

As we previously reported closer to the time, the sudden release of iOS 9.3.5 was put through to patch three significant security issues in Apple’s iOS platform. By installing iOS 9.3.5 onto your iPhone, iPad or iPod touch, you’re not only ensuring that the device is no longer susceptible to those issues, but that Pegasus is removed if it is indeed present.

You can take the route of updating your iPhone or iPad over-the-air by heading to Settings > General > Software Update or if you prefer to do a complete restore on iOS 9.3.5 using iTunes, you can grab the IPSW file directly from here: Download iOS 9.3.5 IPSW For iPhone, iPad, iPod touch [Direct Links].

Jailbroken devices:

Step 1: First and foremost, you’re going to want to find out if you have actually been infected by the Pegasus threat. In order to find out, you can follow our extremely easy-to-follow guide on the process here: How To Check For Pegasus iOS Spyware On Your iPhone Or iPad.

Step 2: If it turns out that you aren’t infected with Pegasus, then obviously no further action is needed, although it’s still recommended updating to iOS 9.3.5 to protect yourself if you don’t mind losing the jailbreak. If you do happen to be infected with Pegasus though, then you’re going to need to launch Cydia and add the following repository as a new source:

Step 3: When that repository is installed, search for Perl package and install it just like you would with any other Cydia-based package.


Step 4: Now, as above, add the following repository to Cydia:

Step 5: When added, search for pgcheck package, and as you might have guessed, install it to the device like you would any other package. pgcheck’s source code is available on GitHub in case you want to check out.


Step 6: Once both of the above packages are installed, perform a reboot on the device and ensure that it is put back into jailbreak mode when it boots back up. For details on how to that, check out our guide here: Re-Jailbreak Pangu / PP On iOS 9.3.3 After Reboot, Here’s How.

Step 7: When the device reboots, the installed pgcheck package will automatically run as a background process. It will provide a user-facing alert to the existence of Pegasus on the infected device, followed by immediately activating Airplane Mode to disable any network connections so that any would-be attacker can’t access it. The removal process will then be handled by pgcheck.

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.