It’s the scariest kind of hack – you do not need to click on a link or otherwise interact with your phone, but all that is required for you to be hacked is that the hacker sends a specially formatted message. Pling, chopped.
The hack in question was detected by Citizen Lab at the University of Toronto and was exploited by the NSO Group, the Israeli company that sells advanced electronic espionage to authorities in dictatorships around the world. The target that Citizen Lab has managed to confirm was journalists and other employees of the Al Jazeera television station in Qatar, as well as a journalist at Al Araby TV in London. The hack must have been carried out by order of Saudi Arabia and the United Arab Emirates.
Citizen Lab believes that this group represents only a small minority of all those who may have been targets for NSO Group’s Pegasus spyware.
It was a journalist who suspected that his phone had been hacked and contacted Citizen Lab, which then installed a special VPN app which in turn monitored all internet traffic and revealed the hidden contact with NSO Group’s servers.
The bug in Imessage must have been fixed in iOS 14 and Citizen Lab urges all users to update to the latest version of the system.