Pegasus Spyware – Is it really possible to completely hack a mobile device …
After extensive research by OCCRP, The Guardian, and other reliable sources, the investigators have confirmed that 10 governments have been spying on their journalists, activists, businesspeople, and even government officials using software developed by an Israeli cyber firm NSO group. You can read about it here: [https://www.occrp.org/en/the-pegasus-project/](https://www.occrp.org/en/the-pegasus-project/)
I personally know a lot of people (mainly journalists) who were victims, and after Amnesty International Security Office did an analysis on their phone, they found the Pegasus app itself, if not its traces showing that the software deleted itself for not exposing it to the owner. The owners knew the government might have been listening to them (e.g. intercepting cellular signals or not even need to think deeply, all cell carriers are compromised), but they had no idea such an app could have been installed in their phone. Most of them were also very practical at security, not clicking any links even from friends or using only anonymous chatting apps.
Then I saw [this video](https://youtu.be/G7H9uo3j5FQ) by The Guardian. In the first minute, it tells how the software can be injected into the operating system just by a text message. I have been doing programming for many years now, even got into learning some hacking, but I can’t think of a proper way that there is such thing as hacking only with a text message. The only such vulnerability would mean the OSs themselves have a big security issue (don’t know the mobile term for this, but something like XSS injection), but that is of very low probability. Nowadays all updated versions of the mobile OS even ask for permissions for all apps, so I cannot really believe how this happened. I would like to hear what do you think about it. Is such hacking really possible?