However, a report from the Financial Times has revealed that an Israeli firm by the name of the NSO Group has developed a tool called Pegasus that can not only break into iOS devices, but can access the user’s iCloud account to pull data from it. Apparently it can capture a “much greater trove of information stored beyond the phone in the cloud, such as a full history of a target’s location data, archived messages or photo.”
According to NSO Group, they are pitching their Pegasus tool to governments to be used for investigations. They are boasting that their tool is so powerful that it can even bypass two-factor authentication, and will not tip off the user that something suspect is going on. This means that users won’t even know that data is being harvested from their devices.
Apple has acknowledged that the tool does exist, but note that they “do not believe these are useful for widespread attacks against consumers.”