Summary:
New iShutdown scripts have been developed to enable the detection of spyware on iPhones. These scripts provide a method for analyzing the Shutdown.log file, which contains important forensic artifacts. The scripts include iShutdown_detect, iShutdown_parse, and iShutdown_stats, each serving a specific purpose in analyzing and extracting information from the Shutdown.log file. The detection method using the Shutdown.log file has proved effective in identifying malware families such as Reign, Pegasus, and Predator. The scripts have been published on GitHub for forensic investigations on iOS devices.
Hashtags:
#iOS #iPhone #iShutdown #spyware #forensics #malwaredetection