
Prying Eyes: Uncovering the Hidden World of Mobile Phone Hacking

Written by Sotera Digital Security | Nov 22, 2024 8:52:36 PM

Introduction to Mobile Phone Hacking

It’s an undeniable fact that mobile devices have become an integral part of our lives. The widespread use of mobile phones, especially for business communications, has increased exponentially over the past decade, making them a lucrative target for malicious actors. With over 7.21 billion smartphones worldwide, accounting for approximately 90% of the global population, nearly anyone in the world carries a device that a bad actor could target.

While individuals and businesses have focused on securing computers and networks, mobile phones have remained significantly under-protected. In recent years, the threat of mobile phone hacking has emerged as a significant concern. We’ve seen hackers and cybercriminals employ various techniques to intercept and compromise voice and text communications, including malware, commercial spyware, vishing (voice phishing), smishing (SMS phishing), and corrupted applications.

Real-Life Examples of Mobile Phone Hacks

Human Rights Defenders in the UAE

In 2023, Amnesty International's Security Lab uncovered a sophisticated hacking campaign targeting Android phones, attributed to a mercenary spyware company. Active since at least 2020, the attack exploited various zero-day vulnerabilities in Android devices, particularly affecting Samsung users in the United Arab Emirates through malicious SMS links. This spyware, capable of capturing and decrypting data from chat services and browsers, highlights significant security lapses in devices.

WhatsApp Infections

In 2024, court documents revealed that the Israeli surveillance firm NSO Group continued to exploit zero-day vulnerabilities in WhatsApp to deploy its Pegasus spyware, even after being sued by WhatsApp in 2019. NSO Group developed multiple exploits, including an initial attack vector known as "Heaven," which WhatsApp blocked in late 2018, followed by "Eden," which was used in attacks on approximately 1,400 devices until WhatsApp patched the vulnerabilities in May 2019. Despite these blocks, NSO introduced another exploit named "Erised," which remained active until changes by WhatsApp in May 2020. It’s estimated that NSO’s Pegasus was installed on “between hundreds and tens of thousands” of target devices.

NSO has admitted to reverse-engineering WhatsApp's code to create these exploits but denies responsibility for the misuse of its spyware by clients. The ongoing battle between NSO and WhatsApp highlights the persistent threats posed by sophisticated spyware and the challenges in securing communications against determined adversaries.

Targeting of Journalists in Mexico in 2022

The article from Citizen Lab exposes the ongoing abuse of Pegasus spyware in Mexico, revealing that Mexican journalists and a human rights defender were targeted and infected between 2019 and 2021. Despite assurances from President Andrés Manuel López Obrador that the government would no longer engage in such practices, the findings by the Mexican digital rights organization R3D, with technical support from Citizen Lab, contradict these claims. The spyware infections targeted individuals reporting on official corruption, human rights abuses, and criminal investigations, using sophisticated zero-click attacks that did not require user interaction. T

2023 AT&T Data Breach

In 2023, AT&T disclosed a significant data breach affecting approximately 109 million U.S. customers, compromising call and text records from 2022. The breach involved unauthorized access to detailed communication logs, including telephone numbers, call durations, and cell site identification numbers. While AT&T has stated that financial information and passwords were not accessed, the exposure of call and text records raises significant privacy concerns.

The Ongoing Battle Against Commercial Spyware

Commercial spyware represents one of the most challenging types of mobile phone hacks to prevent and detect, mainly due to the significant investment in advancing this technology. Often deployed by governments under the guise of “security,” mobile spyware is exceptionally invasive.

Donncha Ó Cearbhaill, Amnesty International’s Head of the Security Lab, illustrates the capabilities of advanced spyware: "Once the spyware had wormed its way into the phones, it was able to pull out all the data on the device, including photos, messages, GPS locations, Signal messages – it could even film you through the phone's camera."

As demonstrated, no country is immune to the threats posed by mobile phone hacking. John Scott-Railton, a senior researcher at Citizen Lab, emphasizes the scale of the issue within the European Union, saying, “The European Union has a clear spyware problem and European parliamentarians are absolutely not immune. We've found European parliamentarians targeted with spyware in the past, and it is undoubtedly set to continue. It's an extremely serious problem for Europe.”

Conclusion

The world of mobile phone hacking is a complex and ever-evolving landscape. From sophisticated spyware campaigns targeting human rights defenders and journalists to massive data breaches compromising millions of customer records, the threats to our digital privacy and security are both real and widespread.

Throughout this article, we have explored real-life examples that underscore the diverse methods employed by malicious actors to intercept and exploit our mobile communications. Whether through the exploitation of zero-day vulnerabilities, the deployment of commercial spyware, or the abuse of legitimate surveillance tools, these incidents serve as a stark reminder of the need for heightened vigilance and proactive measures.

As our reliance on mobile devices continues to grow, it is imperative that we stay informed about the potential risks and take steps to protect ourselves. This may involve keeping our software up-to-date, being cautious of suspicious links or messages, and considering the use of encrypted mobile phones when handling sensitive information.

Ultimately, the responsibility for safeguarding our digital privacy lies with all of us – individuals, corporations, and governments alike. By raising awareness, advocating for stronger security standards, and holding accountable those who misuse surveillance technologies, we can work towards a more secure and trustworthy digital ecosystem.