Spyware from NSO Group can obtain user data from Apple, Google, Facebook, Amazon and Microsoft servers, according to an article in The Financial Times.
While NSO has consistently rejected any espionage or hacking allegations, the company has never denied the development of such technology, prompting many questions among experts.
According to the Financial Times, the infected smartphone provides NSO's Pegasus software with authentication keys for Google Drive, Facebook Messenger and iCloud cloud services. With this technology, Pegasus manages to bypass two-step authentication and email notification.
Users are not notified of suspicious activity.
Some information security experts doubt the effectiveness of Pegasus, but representatives of Amazon and Facebook have already promised to investigate and strengthen the security measures of their cloud services, if necessary.
It was revealed in May that WhatsApp had been targeted by NSO, according to Forbes.