Governments are said to have used NSO’s Pegasus spyware to steal private images from the phones of female journalists and activists.
These images were subsequently shared online in an attempt to smear their reputations, including one case in which a bikini shot was falsely claimed to have been taken at the home of a journalist’s boss.
In a report released by Amnesty International, the extent to which NSO’s Pegasus spyware has been employed by authoritarian governments was revealed. Receiving a specific iMessage could be enough to infect an iPhone without the need for user participation.
Apple defended iPhone security, but raised eyebrows when it appeared unconcerned about taking the steps necessary to make attacks more difficult.
Apple did deploy a security update in iOS 14.7.1 that is widely considered to be aimed to thwart the specific attack vector used by NSO in the past, but the corporation is undoubtedly working on a replacement.
Despite inconsistent comments from NSO, a number of governments have been barred from employing the malware.
Pegasus is a piece of malware that was used to steal incriminating pictures.
NBC News reports:
Ghada Oueiss, a Lebanese broadcast journalist at Al-Jazeera, was eating dinner at home with her husband last June when she received a message from a colleague telling her to check Twitter. Oueiss opened up the account and was horrified: A private photo taken when she was wearing a bikini in a jacuzzi was being circulated by a network of accounts, accompanied by false claims that the photos were taken at her boss’s house.
Over the next few days she was barraged with thousands of tweets and direct messages attacking her credibility as a journalist, describing her as a prostitute or telling her she was ugly and old. Many of the messages came from accounts that appeared to support Saudi Crown Prince Mohammed bin Salman Al Saud, known as MBS, including some verified accounts belonging to government officials.
“I immediately knew that my phone had been hacked,” said Oueiss, who believes she was targeted in an effort to silence her critical reporting on the Saudi regime. “Those photos were not published anywhere. They were only on my phone.”
“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”
Oueiss is one of several high-profile female journalists and activists who have allegedly been targeted and harassed by authoritarian regimes in the Middle East through hack-and-leak attacks using the Pegasus spyware, created by Israeli surveillance technology company NSO Group.