An explosive spyware report shows limits of iOS, Android security

private spyware has long caused alarm in cybersecurity circles, as authoritarian governments have repeatedly been caught targeting the smartphones of activists, journalists, and political rivals with malware purchased from unscrupulous brokers. The surveillance tools these companies provide frequently target iOS and Android, which have seemingly been unable to keep up with the threat. But a new report suggests the scale of the problem is far greater than feared—and has placed added pressure on mobile tech makers, particularly Apple, from security researchers seeking remedies.

This week, an international group of researchers and journalists from Amnesty International, Forbidden Stories, and more than a dozen other organizations published forensic evidence that a number of governments worldwide—including Hungary, India, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates—may be customers of the notorious Israeli spyware vendor NSO Group. The researchers studied a leaked list of 50,000 phone numbers associated with activists, journalists, executives, and politicians who were all potential surveillance targets. They also looked specifically at 37 devices infected with, or targeted by, NSO’s invasive Pegasus spyware. They even created a tool so you can check whether your iPhone has been compromised.