Smart phones use operating systems — either iOS of Apple or Android in most of other phones. In their software, the hacking firms try to spot vulnerabilities to sneak into the phone and access the data. Two Israel-based companies, NSO Group making Pegasus and QuaDream, have been using reportedly such vulnerabilities to hack the phones for their clients.

Generally, hackers introduce the malware when the user clicks a malicious link. However, the Israel-based firms use the zero-click technique. Both used similar software exploits called ForcedEntry. It is a computer code designed to leverage a set of specific software vulnerabilities. It provides a hacker unauthorized access to data.

These vulnerabilities could be hidden deep inside the instant messaging platform. Security researchers call ForcedEntry as most technically sophisticated hacking.

Apple fixed the flaws in late 2021, thus rendering both the software ineffective.

Apple has field a suit against NSO Group claiming that the company has violated user’s terms and conditions, and the suit is in its initial stages. NSO has denied any such wrongdoing.

Snooping companies sell the software to governments to protect them against national security threats. However, journalists and human right activists document the abuse of such software.