MEFF M3-PRO: Mobile Threat Detection for iOS and Android

MEFF M3-PRO: Mobile Threat Detection for iOS and Android

M3 Pro Screen

Check smartphones for indications of spyware, Trojans, malware and system anomalies - with fast, traceable results and documentable reports.

The MEFF M3-PRO is a professional platform for detecting and analysing mobile threats on Apple (iOS) and Android devices. It is designed for situations in which it is not a matter of guesswork, but of a reliable technical assessment: Are there indications of surveillance, manipulation or suspicious activity - and what does this mean for the next steps?

The M3-PRO combines several analysis methods in one system. Depending on the case, an analysis can be carried out directly on the device or via a traffic/network analysis, which is also possible without direct access to the phone.

Technical possibilities

The M3-PRO offers three examination modes in one product:

  • Physical analysis on the device (forensic testing at system and app level).
  • Data traffic/traffic analysis (monitor inputs and outputs, recognise suspicious communication).
  • Remote analysis via QR code (planned: not yet available).

Android - Analysis

For Android devices, USB-based scans (e.g. via WebADB), a live analysis of installed apps and critical authorisations as well as the detection of advanced Trojans/spyware are planned.

  • USB scanning (e.g. via WebADB) for quick tests in the field or in the laboratory.
  • Analysis of installed applications and security-relevant authorisations.
  • Detection of advanced Trojans/spyware and system anomalies.
  • Multilingual PDF reports (depending on configuration).

Traffic & Network - Data traffic analysis

A particular advantage is the traffic analysis: The M3-PRO can monitor connections and network activities, for example to recognise suspicious destinations (IP addresses, domains, DNS activity) and evaluate potential data leaks. This mode can also be used without direct access to the phone and is designed to protect the customer's privacy.

  • Live recording of connections and connection statistics.
  • Identification of suspicious IP addresses, domains and DNS activities.
  • Evaluation of possible data outflows to unauthorised Servern.

Areas of application

The M3-PRO is particularly suitable for:

  • Authorities & investigation centres: technical assessment of the situation in the event of suspected surveillance and targeted malware.
  • Company: Risk and compliance checks, incident response support, executive security.
  • Private individuals: substantiated assessment in the event of suspected spyware/stalkerware or compromised devices.

iOS (Apple) - Analysis

For iOS devices, the M3-PRO supports the analysis of sysdiagnostic data and MVT-based spyware detection, among other things. The aim is to identify technical indicators (IOCs) that match known attack and surveillance patterns.

  • Evaluation of sysdiagnostic files (transfer/import according to workflow).
  • MVT-based detection and structured processing of results.
  • Report preparation with comprehensible presentation of the findings.

Result & Reports

At the end of the examination, you will receive structured documentation of the tests and findings, depending on the mode selected. There are two types of report:

  • A detailed technical report (including tests, timelines and instructions for action).
  • A certified report for legal/administrative use (e.g. for internal procedures or notifications to competent authorities).

According to the product description, the certification is based on the Mobile Verification Toolkit (MVT) and is orientated towards the standards of Amnesty International - with the aim of making results internationally traceable.

MEFF M3-Pro overview brochure
MEFF M3-PRO Instructions for use
Traffic Report MEFF M3-PRO
MEFF M3-PRO IOS Scan example

F.A.Q.

What exactly does the M3-PRO test?

It checks smartphones for technical indications (indicators/artefacts) that may point to spyware, Trojans, malware or system anomalies - depending on the mode on the device or via traffic/network.

Does it work with iOS and Android?

Yes, according to the product description, the M3-PRO supports both iOS and Android analyses, each with suitable workflows.

Is there a remote test?

Remote analysis via QR code has been announced. According to the product page, this function is not yet available and will be added later.

Will I receive a report?

Yes, depending on the case, you will receive a technical report and - according to the product description - an additional certified report for legal/administrative purposes.

Can all spyware be detected with certainty?

Highly developed spyware tries to avoid traces. A serious analysis therefore provides either reliable evidence or a comprehensible all-clear within the methodological limits.

How does the commissioning process work?

After a brief preliminary clarification (device type, suspicion, urgency), we select the appropriate mode and then create the documented results.

The MEFF M3-PRO is a solution for Detection of mobile threats on iOS and Android. It checks smartphones for indications of Spyware, Trojans, malware and system anomalies and delivers Comprehensible, documentable reports. For investigating and prosecuting authorities, a copy is available on request. 14-day provision free of charge or a Live demo on site possible.

The M3-PRO combines Device analysis and Traffic/network analysis to recognise suspicious communication; a Remote testing via QR code is announced, but according to the description not yet available. iOS analyses are based, among other things, on Sysdiagnosis/MVT, Android analyses on USB scans and App and authorisation check. High-end spyware can avoid traces - results are therefore either reliable indications or a justified all-clear within methodological limits.

Data recovery specialist in Cologne
MEFF M3 PRO

Source & further information at:

MEFF