- In July 2020, an Azerbaijani journalist’s iPhone silently received a command to open the Apple Music app.
- Without the journalist’s knowledge or interaction, the app connected to a malicious server and downloaded spyware onto the phone that remained there for 17 months, eavesdropping on phone calls and text messages.
- The hack was an example of a “zero-click” attack—a method of placing spyware on a phone without tricking a user into doing anything, such as clicking on a malicious link sent in an email or text message.
- It’s a technique that governments have utilized to target their opponents on a greater scale and for a longer duration than previously known, according to recent research from Amnesty International and Citizen Lab.