‘Zero Click’ Invisible Text Messages Took Over iPhones For Spies: REPORT

Photo by JACK GUEZ/AFP via Getty Images

Daily Caller News Foundation logo
Ailan Evans Deputy Editor
Font Size:

Apple sent out several emergency security updates Monday after researchers detected a flaw that allowed spyware to infect iPhones, Apple Watches and Mac computers — without a click.

The updates were issued for the operating systems of most Apple devices in response to an investigation by Citizen Lab, a Canadian cybersecurity watchdog and research group, that discovered the mechanism used for infecting a Saudi activist’s iPhone with spyware developed by Israeli technology firm NSO Group. The spyware, known as “Pegasus,” allows for users to infect devices, such as computers, smartphones, and smart accessories, through messaging services without requiring the receiver to click on a link.

“We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware,” researchers said in the investigation. (RELATED: Apple Will Scan iPhones, Encrypted Messages For Child Pornography)

The “zero-day zero-click” spyware allows users to remotely access data including messages, emails, calls and photos on Apple devices, according to Citizen Lab. Researchers said the flaw was being exploited in Apple devices since at least February 2021.

People visit the Apple store in the Oculus Mall in Manhattan on July 29, 2021 in New York City. (Photo by Spencer Platt/Getty Images)

People visit the Apple store in the Oculus Mall in Manhattan on July 29, 2021 in New York City. (Photo by Spencer Platt/Getty Images)

The flaw, dubbed FORCEDENTRY by Citizen Lab, allowed a third party to gain access to an Apple device by sending it a “.gif” file in a message. Researchers said they were withholding more technical information about the flaw until a later date.

Citizen Lab said it suspected the flaw was intentionally developed by NSO Group due to the firm’s history of using similar cybersecurity vulnerabilities to install its spyware.

“We believe that the bug is distinctive enough to point back to NSO,” researchers wrote.

Citizen Lab disclosed the flaw to Apple, who issued several emergency security updates Monday to close the vulnerability.

“We’d like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Ivan Krstić, head of Apple security engineering and architecture, said in a statement shared with the Daily Caller News Foundation.

“While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” Krstić said.

NSO Group was the subject of an investigation by the Guardian, The Washington Post, Amnesty International and over a dozen other journalism and human rights groups that alleged the technology company was selling its spyware products to repressive governments. The investigation found the spyware was installed on the phones of several targets of human rights abuses, including those close to murdered Saudi journalist Jamal Khashoggi.

It’s unclear how many devices were exploited through the flaw.

Citizen Lab did not immediately respond to the Daily Caller News Foundation’s request for additional comment.

Editor’s note: This article has been updated to include a statement from Apple.

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact