
A recent investigative video aired by the Israeli Broadcasting Authority offers a look at just how easily a phone can be hacked, revealing the capacities of Unit 81, Israel’s military tech unit.
In a controlled demonstration, a cybersecurity expert shows how quickly and discreetly a phone can be taken over: camera, microphone and location, all under remote control, without the user ever suspecting a thing.
The expert begins with a seemingly simple statement, “I'm going to show you how I take control of your phone.” Within moments, the target phone is hacked. The attacker, using a computer set up to wait for the connection, gains full access once the phone links up.
The Road to Hook a Victim
The first step in the hacking process involves tricking the victim into installing vulnerable software on their phone, usually without their awareness. This can occur through something as simple as clicking a malicious link, downloading a seemingly legitimate app or accepting a file that contains hidden malware. Once the compromised software is installed, the hacker’s computer enters a standby mode, quietly waiting for the infected phone to establish a connection. When the connection is made, full remote access is granted.
With this access, the hacker can activate the phone’s front-facing camera silently. Without triggering any visual or audio alerts, a photo is taken of the user in real time. From that point on, the hacker can view everything the camera captures at any moment, completely unnoticed. Beyond visual surveillance, the software also provides access to the phone’s GPS data. The hacker can retrieve the user’s exact coordinates and track their location in real time, whether they’re at home, at work or on the move. “I can know where you sleep, where you live, if you’re with family, or at work,” the expert explains during the demonstration.
But the intrusion doesn’t end there. The hacker can also remotely activate the phone’s microphone to record audio. Within seconds, they can capture a clear sample of any surrounding conversation, again without the user having the slightest indication. These audio files can be stored and analyzed later.
A real-world example of such capabilities is Pegasus, the infamous spyware developed by the Israeli company NSO Group. Pegasus is capable of infecting both Android and iOS devices without the user clicking anything at all, what's known as a “zero-click exploit.” Once inside the device, it allows complete control: turning on the camera and microphone, extracting messages and photos, accessing encrypted apps and tracking location in real time. Pegasus has reportedly been used by governments around the world to monitor activists, journalists and politicians, often without legal oversight or user knowledge. Its existence underscores just how advanced and accessible such spying tools have become, even beyond military use.
A ‘Basic’ Attack with Major Consequences
Perhaps the most disturbing element of this entire process is its invisibility. The victim receives no warnings, no suspicious activity notifications or anything that would suggest their privacy has been breached. As the expert calmly states, “The chances of you figuring this out are very, very low.”
What’s even more unsettling is the expert’s casual conclusion, “The attack I carried out is relatively basic.” In other words, this level of intrusion doesn’t require elite tools or deep espionage. All it takes is a moment of carelessness, installing a compromised app or file, and the attacker is in.
This demonstration highlights the ever-growing sophistication of digital espionage. While Unit 81 is known for its advanced technology and is considered one of Israel’s top intelligence arms, the tools used here could, in theory, be replicated by skilled hackers around the world.
Protecting Yourself
While the report focuses on the advanced capabilities of a military intelligence unit, it also serves as a stark wake-up call for everyday smartphone users. The techniques shown in the demonstration may seem distant or high-tech, but they rely on vulnerabilities that can affect anyone.
To reduce the risk of falling victim to such intrusions, users should be cautious about what they download and avoid unknown apps or files that might contain hidden malware. It’s also essential to be skeptical of unsolicited links or attachments, even if they appear to come from trusted sources.
Maintaining strong digital hygiene includes using up-to-date antivirus software and ensuring that both the phone’s operating system and all installed apps are regularly updated. These updates often contain vital security patches that can close off entry points hackers might otherwise exploit.
The digital world offers immense convenience, but as this report shows, and as the Pegasus case confirms, it also comes with invisible risks. Staying informed is the first step in staying safe.
Comments