The Israeli aggregation behind WhatsApp hack beforehand this May has developed new technology that can clandestinely steal a user’s data from Apple, Google, Facebook, Amazon, and Microsoft.

According to The Financial Times — which appear the development — NSO Group’s Pegasus malware “has now acquired to abduction the much greater trove of advice stored beyond the phone in the cloud, such as a full history of a target’s area data, archived letters or photo.”

Upon accession on the target’s phone, the new adequacy works by artful the login accreditation of assorted casework like Facebook Messenger, Google Cloud, iCloud, and others, and then using a abstracted server to mimic the phone, including its location.

This server then syncs all the information, including messages, photos, and area history, from the ‘connected’ device, and relays them back to the surveillance operators.

The report added states that the number of people whose cloud accounts may have been targeted by this latest address is not yet known, although it appears NSO’s parent aggregation Q-Cyber pitched the annual to the government of Uganda.

NSO Group is known for alive with governments to install Pegasus spyware. It appearance avant-garde capabilities to jailbreak or root an adulterated mobile device, turn on the phone’s microphone and camera, scan emails and messages, and aggregate all sorts of acute information.

In May, the FT apparent a vulnerability in WhatsApp’s audio call affection that accustomed attackers to inject iPhones and Androids with Pegasus. This prompted the Facebook-owned messaging annual to issue a server-side update to patch the exploit.

The aggregation maintains that its software is only sold to amenable governments to help foil agitator attacks and crimes. But Pegasus has been found to be abolished to track human rights activists and journalists around the world.

The report added states that while NSO Group denied architecture hacking or mass-surveillance tools for cloud services, it did not accurately deny that it had developed the new surveillance feature. Some of the big tech companies mentioned in the report are now said to be investigating the claims at their end.

The new revelations come at a time when cloud acceptance is accelerating at a rapid pace, with aegis and aloofness arising a top antecedence for major annual providers. Risks from data loss and arising charcoal a huge barrier to wider cloud adoption.

Cybersecurity firm Check Point’s 2019 Cloud Aegis Report early this week cited crooked cloud access and annual hijacking as some of the major cloud vulnerabilities, affirmation the need for stronger affidavit mechanisms to aegis users adjoin such stealth attacks.

Read next: Instagram will kindly let you know you’ve F’ed up before banning you