According to an investigation by Citizen Lab, from the University of Toronto, Canada — at least 36 employees of Al Jazeera TV as well as a London-based Al Araby TV journalist would have been spied by bypassing all security barriers of iPhone with the help of Pegasus Virus.
Pegasus is not just any virus — it is a commercial spyware developed by the now well-known Israeli company NSO Group , a software house specializing in computer espionage tools that has mainly national states and multinational companies as customers.
It was revealed that, between July and August 2020, the iPhones of 36 Al Jazeera journalists were infected with Pegasus and then thoroughly spied.
According to Citizen Lab, the vulnerability that allows Pegasus to spy on iPhones, called “Kismet,” uses a chain of several exploits, including a zero day vulnerability in iOS that does not require any user interaction.
Technically we speak of a “zero-click attack” because the phone user does not have to do anything to open the door to the spyware. The door is already open due to the Kismet vulnerability contained precisely in the iMessage app.
The iMessage app is the one pre-installed by Apple on iPhones. It is developed by Apple itself and is by far the most used messaging app by those who own an iPhone.
Once inside, Pegasus has the ability to record phone calls, capture ambient audio via the microphone, take pictures without the user’s knowledge, and even track the position of the smartphone. An iPhone infected with Pegasus, therefore, is a very powerful remote spying tool of its owner.
According to Citizen Lab, the NSO Group sold Kismet to at least four organizations, which used it to hack the personal iPhones of Al Jazeera and Al Arabi employees in July and August 2020. However, further investigation showed that the attacks began at least in October 2019.
Since the release of iOS 14, the vulnerability can no longer be exploited, and the malware developed by NSO Group no longer works. But it is known that it worked at least from iPhone 11 with iOS 13.5.1.