So I know I was phished as they got into my gov and tried to steal payments

So despite no jailbreak or anything I opened a message which didn’t contain any links and seems like a weird sentence to which without thinking I replied “huh?” And two hours later they were in my gov and changing payment destinations - I went scanning thru the foreign language of the analytics section and found some sketchy looking parts which I then noticed contained the word Pegasus and other slightly shonky sounding prompts - why would that be there can someone who actually knows please help me out here 🙏

Posted on Mar 27, 2025 6:36 AM

Question marked as ⚠️ Top-ranking reply

Posted on Mar 30, 2025 7:16 AM

You now know that the analytic logs contain words such as Pegasus and Pegasus.Frameworks, and they are part of your OS that have nothing to do with any Spyware. It has been part of the OS long before there was even a thing called Pegasus Spyware, so you don't need to be concerned about that at all. There are also scary words and phrases in the logs such as "Roots" and "Remote Connection" that you are supposed to see in the log and are also nothing to be worried about.


Phishing is a real concern and nothing happens by just opening the message, you would have to provide them the personal information and for your gov website, it would be that password. Also make sure you are not using the same password for multiple sites.


I assume you have changed your .gov password and you should also have the option to use two factor authentication on the site as well that would prevent access without a code being sent to a Trusted Device or email account. If you get an email from the .gov site, don't use any links or phone number from that message and sign into your account where you should then be able to review the information provided in the email/message.


Mar 27, 2025 6:54 AM in response to TanyaBrowne

Responding to a message with "huh" did not allow someone to get into your gov site.


As for analytics, there is Pegasus mentioned many times in the analytic logs, it just is not what you think it is. The Pegasus Framework has been a part of the OS long before there was anything known as Pegasus Spyware and they have nothing to do with each other. You DO NOT have Pegasus spyware on your phone.


In addition, there is nothing you will find in the Analytic logs that will be of any value to you. There are other "scary" words or phrases that you will see that are totally normal and are expected to be seen there. If you are concerned that you have some kind of mercenary spyware on your phone, then review this Support Article to see if you have a Threat Notification on your account.

About Apple threat notifications and protecting against mercenary spyware - Apple Support


Mar 27, 2025 7:30 AM in response to TanyaBrowne

So despite no jailbreak or anything I opened a message which didn’t contain any links and seems like a weird sentence to which without thinking I replied “huh?” And two hours later they were in my gov and changing payment destinations


Your phone can't protect you against "phishing".


Phishing isn't an attack on the security of your phone's hardware and software. It is an attack focused on you. If criminals can fool you into compromising your own security, they do not have to go to all the work it would take to "hack" your phone (something well beyond the skill level of your typical scammer).


Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support


I went scanning thru the foreign language of the analytics section and found some sketchy looking parts which I then noticed contained the word Pegasus and other slightly shonky sounding prompts - why would that be there can someone who actually knows please help me out here 🙏


A lot of people post here claiming that something in analytics proves that they have been "hacked" … when the screenshots they post prove nothing of the sort. Analytics can be hard even for software engineers to decode. They're not meant for ordinary users, which is why the phone normally keeps them tucked away from the main screens.


What, specifically, did you do other than replying "huh?" to this phishing message?


That, in and of itself, would have confirmed to the criminals that you had a good number or e-mail address, and might have put you on a list to get more scam messages from them. But I'm not seeing how it would give them access to a Federal Government account managing something like Veteran's or Social Security benefits.


Did you, perhaps, enter any user names and passwords in response to the "phishing" message?


Mar 30, 2025 6:38 AM in response to Tom Gewecke

I’m in Australia so when I say “my gov” I’m referring to the gov website that is linked to our social security payments, Medicare, tax department etc - I only found out it had been compromised because coincidentally a few days later I tried to log into it and couldn’t when I called them they informed me that it had been locked down because someone had tried to redirect my payments to a different bank account with a bank I’d never even heard of (which I have never done) and the time they tried to make this change was 2 hours after the dodgy text a few days earlier, there were all sorts of other somewhat subtle things happening with the phone from that time also which I noticed but second guessed to be coincidences - I’m still noticing them so it does seem that something is going on - I’m not one to be paranoid at the same time I can’t exactly ignore it… I don’t claim to understand the analytics data by any stretch but do on occasion out of interest look at it purely out of curiosity and nothing more, and the only reason it struck me as unusual is because it normally has similar patterns and phrases in it but the recent ones looked very different to what is usually there and contained quite different things including the Pegasus bit…. Hence my posting because I don’t really know what to do - if I hadn’t had the attempted theft thru the my gov account I probably would have not bothered


Mar 30, 2025 6:57 AM in response to TanyaBrowne

I don’t claim to understand the analytics data by any stretch


There are reasons for this. If you look to find the model number of your iPhone in analytics.....you will see that it is probably different from the model number of the phone that you have in your hands.








Mar 30, 2025 7:30 AM in response to TanyaBrowne

TanyaBrowne wrote: I tried to log into it and couldn’t when I called them they informed me that it had been locked down because someone had tried to redirect my payments to a different bank account

So that someone did not actually succeed in taking your id, right? Have you been able to reestablish your id and access with this gov site?


My guess is that by replying to the phishing text you gave the sender some info which helped them try to access your accounts. But there is nothing wrong with your phone. Follow Mac Jim ID's advice.



Mar 30, 2025 7:31 AM in response to Tom Gewecke

TanyaBrowne wrote: I tried to log into it and couldn’t when I called them they informed me that it had been locked down because someone had tried to redirect my payments to a different bank account

So that someone did not actually succeed in taking your id, right? Have you been able to reestablish your id and access with this gov site?


My guess is that by replying to the phishing text you gave the sender some info which helped them try to access your accounts. But there is nothing wrong with your phone. Follow Mac Jim ID's advice.


