An unusual error in NSO’s spyware allowed Saudi women’s rights activist Loujain al-Hathloul and privacy researchers to discover a trove of evidence suggesting the Israeli spyware maker had helped hack her iPhone, according to six people involved in the incident.
Al-Hathloul, one of Saudi Arabia’s most prominent activists, is known for helping lead a campaign to end the ban on women drivers in Saudi Arabia.
Soon after her release from jail, the activist received an email from Google warning her that state-backed hackers had tried to penetrate her Gmail account.
She was arrested and jailed in Saudi Arabia for almost three years, where her family says she was tortured and interrogated utilising information stolen from her device.
Zero-click malware usually deletes itself upon infecting a user, leaving researchers and tech companies without a sample of the weapon to study.
While Apple determined the vast majority were targeted through NSO’s tool, security researchers also discovered spy software from a second Israeli vendor QuaDream leveraged the same iPhone vulnerability, Reuters reported earlier this month.
Lina al-Hathloul, Loujain’s sister, said the financial blows to NSO might be the only thing that can deter the spyware industry.