Citizen Lab, a cybersecurity and human rights abuse research group at the University of Toronto, said the zero-day was part of an exploit chain named Kismet that was created and sold by NSO Group, a well-known vendor of spyware and surveillance products. Researchers claim NSO sold the Kismet hacking tool to at least four entities, who used it in July and August 2020 to hack the personal iPhones of 36 Al Jazeera reports from all over the globe. The Citizen Lab team believes it identified two of the four of the buyers in Saudi Arabia and the United Arab Emirates, linking the activity to two groups the organization has been tracking as Monarchy and Sneaky Kestrel.