Security News > 2020 > December > Journalists' Phones Hacked via iMessage Zero-Day Exploit
A recently observed Pegasus spyware infection campaign targeting tens of Al Jazeera journalists leveraged an iMessage zero-click, zero-day exploit for infection.
Cybersecurity firms and human rights organizations have detailed multiple malicious attacks involving Pegasus, many of them targeting journalists and human rights activities.
In a newly published report, Canadian interdisciplinary laboratory Citizen Lab, which is based at the Munk School of Global Affairs & Public Policy at the University of Toronto, details a new series of attacks in which Pegasus infected "36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera."
The attacks, which were performed in July and August 2020, involved the use of a zero-click exploit in iMessage, a zero-day vulnerability in at least iOS 13.5.1, which allowed attackers to hack Apple's iPhone 11 devices.
Al Araby TV journalist Rania Dridi was also targeted with Pegasus spyware, at least six times, with two of the attacks likely involving zero-day exploits.