Amnesty international and Paris-based Forbidden Stories have unearthed new evidence that suggests NSO Group's spyware has successfully infected thousands of iPhone 11 and iPhone 12 models through iMessage zero-click attacks, potentially compromising the data security of thousands of iPhone users.
Amnesty International put forward its revelations in a report published on its official website on Monday.
Through its Pegasus Project initiative, Amnesty International and Forbidden Stories have conducted forensic tests on several such devices and found these results, the report said.
The Pegasus Project is an Amnesty International and Forbidden stories collaboration that facilitates international investigative journalism efforts to reveal spying abuses by various governments upon journalists, opposition politicians, activists, business people and others using the private NSO Group's Pegasus spyware,
In regards to the findings, Deputy Director of Amnesty Tech Danna Ingleton said, "Apple prides itself on its security and privacy features, but NSO Group has ripped these apart. Our forensic analysis has uncovered irrefutable evidence that through iMessage zero-click attacks, NSO's spyware has successfully infected iPhone 11 and iPhone 12 models. Thousands of iPhones have potentially been compromised. "
"These attacks have exposed activists, journalists and politicians all over the world to the risk of having their whereabouts monitored, and their personal information and used against them. "
"This is a global concern – anyone and everyone is at risk, and even technology giants like Apple are ill-equipped to deal with the massive scale of surveillance at hand," added Danna Ingleton.
Danna also said that NSO Group can no longer hide behind the claim that its spyware is only used to fight crime. There is overwhelming evidence that NSO spyware is being systematically used for repression and other human rights violations.
According to Danna Ingleton, the new Project Pegasus findings show that the surveillance industry is out of control and states must immediately implement a global moratorium on the export, sale and use of surveillance equipment until a human rights-compliant regulatory framework is in place.
"NSO Group must immediately stop selling its equipment to governments with a track record of abusing human rights," added Danna
Earlier on Sunday, Paris-based Forbidden Stories and Amnesty International released a report, based on the investigation of leaked data, that showed a list of 50,000 records of phone numbers that clients of the Israeli company NSO Group, the developer of Pegasus, selected for surveillance. These include heads of state, activists and journalists, including Jamal Khashoggi's family.