They tried to hack his iPhone at least four times, and on two of those occasions they succeeded. This was told by Ben Hubbard, a New York Times reporter who deals with reporting the facts that happen in the Middle East, explaining that there are all grounds for believing that the Pegasus spyware was used, the same that this summer would have allowed to carry out several attacks on the devices of journalists, activists and politicians by some governments.
This telematic attack system is in fact developed by the NSO Group, whose customers are government agencies and law enforcement agencies. The company buys so-called zero-day vulnerabilities, i.e. those that are currently unknown to Apple, from hackers and uses them in its programs to create zero-click exploits, i.e. infiltrations that require no user interaction.
In some cases it is enough to simply receive a particular message via iMessage and, without even opening it, it can compromise the security of the iPhone by exposing the personal data present. Apple has already corrected the problem related to one of these flaws used by the NSO, but it is likely that the company has others available: it is the endless game of cat and mouse.
According to Hubbard, some experts from Citizen Lab checked his iPhone and confirmed that the device was the victim of four distinct attacks, two of which were of the aforementioned "zero-click" type. As a Middle East correspondent, the reporter often talks to people who take great risks in sharing information that their authoritarian governments would like to keep secret "I take many precautions to protect these sources, because if they are caught they could end up in jail, or worse."
The first two attempts to hack iPhone were carried out via a text message and a Whatsapp message. They would only work if the reporter clicked on the attached link, which of course he didn't. But there is little to be done against attacks without any interaction. "With this system they managed to get into the phone twice, once in 2020 and once in 2021, and it was like being robbed by a ghost." Based on the code found in the phone, one of the researchers believes Pegasus spyware was used on all four occasions. Not only that: other evidence seems to suggest that Saudi Arabia was behind these attacks.
From this moment on - explains the journalist - sensitive data, that is the contacts he must protect, keeps them off the phone. In addition, he encourages these people to use Signal, a messaging app that uses an encryption system such that "even if a hacker were to get in, he wouldn't be able to read chats." Also, NSO systems don't work with US phone numbers, presumably because this would lead to tightening of the country's regulations, "so I'm using an American phone card."
As a last precaution «I often restart my phone, which allows some spy programs to be eliminated, although this does not prevent them from coming back. And when I can, I resort to one of the few non-hackable options we still have (who knows for how long…) available: I leave the phone at home and meet people face to face ».