• pageflight@piefed.social
    21 hours ago

    Al-Masarir’s iPhones had been hacked in 2018 after he clicked on links in three text messages seemingly sent from news outlets as special membership offers.

    I wonder if opening unknown links in an Incognito session would have helped, or if he would’ve had to avoid opening them entirely.

    Wikipedia says it’s “designed to be covertly and remotely installed on mobile phones running iOS and Android,” and has some detailed descriptions including:

    “Google’s Project Zero documented another exploit, dubbed FORCEDENTRY, in December 2021. According to Google’s researchers, Pegasus sent an iMessage to its targets that contained what appeared to be GIF images, but which in fact contained a JBIG2 image. A vulnerability in the Xpdf implementation of JBIG2, re-used in Apple’s iOS phone operating software, allowed Pegasus to construct an emulated computer architecture inside the JBIG2 stream which was then used to implement the zero-click attack. Apple fixed the vulnerability in iOS 14.8 in September 2021 as CVE-2021-30860.”

    Pegasus is a powerful and controversial hacking tool made by Israeli company NSO Group. NSO Group insists it only sells its spyware to governments to help track terrorists and criminals.

    But Citizen Lab has discovered it on phones belonging to politicians, journalists and dissidents - including al-Masarir.

    Promises from Israel?!

    The total damages awarded are £3,025,662.83 but it’s not clear if Saudi Arabia will pay.

    The BBC contacted the Saudi embassy in London but has not had a reply.

    I wish him well.