An international investigation found 23 Apple devices were successfully hacked using NSO Group's Pegasus spyware. Hackers can perform "zero-click" attacks on phones to install the software, then use it remotely to steal emails, passwords, pictures, or videos, or record targets with the microphone or camera.
- Zero-click attacks can occur without the phone's owner even knowing they've been attacked.
- In 2019, a zero-day exploit in WhatsApp let hackers place a call to the target device to install the software, even if the call wasn't answered.
- More recently, hackers have exploited a vulnerability in Apple's iMessage software.
- The iMessage attacks work on the newest generations of iPhones even after years of security development on Apple's part.