For more than the past year, London-based reporter Rania Dridi and at least 36 journalists, producers and executives working for the Al Jazeera news agency were targeted with a so-called "zero-click" attack that exploited a now-fixed vulnerability in Apple's iMessage.

The attack invisibly compromised the devices without having to trick the victims into opening a malicious link. To be fair, like many journalists with an iPhone, the hacked hacks believed that they were safe from all attacks because they didn't use software from Microsoft.

In a technical report out Sunday and shared with TechCrunch, the researchers say they believe the journalists' iPhones were infected with the Pegasus spyware, developed by Israel-based NSO Group.

Citizen Lab, the internet watchdog at the University of Toronto, was asked to investigate earlier this year after one of the victims. Al Jazeera investigative journalist Tamer Almisshal appears to have suspected that his phone may have been hacked and handed it over to someone who was nothing to do with Apple. Almisshal's iPhone was analysed and found it had between July and August connected to servers known to be used by NSO for delivering the Pegasus spyware.It is not clear if Almisshal's warranty was voided.

The device revealed a burst of network activity that suggests that the spyware may have been delivered silently over iMessage. Logs from the phone show that the spyware was likely able to secretly record the microphone and phone calls, take photos using the phone's camera, access the victim's passwords, and track the phone's location.