This one is for Pegasus. In May 2019, a vulnerability discovered in Facebook’s WhatsApp messaging app was reportedly being exploited to inject commercial spyware onto Android and iOS phones by simply calling the target. The spyware developed can be installed without trace and without the target answering the call, according to security researchers and was confirmed by WhatsApp.
It works on a technique called ‘Zero-click’ which does not require the target’s participation to hack their device. According to OCCRP (Organised Crime and Corruption Reporting Project), it exploits bugs in popular apps like iMessage, WhatsApp, and FaceTime, which all receive and sort data, sometimes from unknown sources. It can infiltrate a device using the protocol of the app. The user does not have to click on a link, read a message, or answer a call — they may not even see a missed call or message. Pegasus spyware can turn on a phone’s camera and mic and collect emails, messages, and location data. However, before you get worried about that missed call, there are rare spyware apps that can do this as it requires major technical sophistication.