What is mercenary spyware and how is it being used to silence dissent?

Journalists, activists and human rights workers across the globe are being targeted by mercenary spyware — powerful surveillance tools developed by private vendors. Such tools, which are often deployed with little to no oversight, are increasingly being purchased and used by governments to silence dissent.
Mercenary spyware and how it works
Mercenary spyware is known for silently seizing control of cell phones or computers, allowing attackers to commandeer your digital life. An infected device can have all its messages read, phone calls monitored, location tracked, photos gathered and even its microphones and cameras activated on command, all without the target knowing.
Early spyware required a target to click on a malicious link, usually sent over SMS or through a messenger such as WhatsApp, for an infection to take place. Modern attacks, however, utilize what are known as “zero-click exploits,” meaning a target can have their device totally compromised without doing anything at all.
Zero-click exploits are highly sought after by spyware companies. Currently, such bugs can earn a hacker upwards of $1 million if discovered. Spyware companies integrate those exploits into their software, granting their customers access to state-of-the-art surveillance capabilities.
The most notable spyware is Pegasus, developed by the Israeli company NSO Group. Founded in 2010, NSO Group and its flagship product have been linked to numerous incidents involving aggressive and targeted surveillance.
High-profile targets
Spyware companies advertise their products as geared towards criminals and terrorists. Yet in reality, governments have reportedly used tools like Pegasus to target dissidents.
In perhaps the most famous case, Pegasus was reportedly used to target the wife of Jamal Khashoggi, the United States-based Saudi journalist who was lured into the Saudi consulate in Istanbul on Oct. 2, 2018, and killed. Turkish officials said Khashoggi, a longtime critic of the Saudi regime under Crown Prince Mohammed bin Salman, was assassinated on orders from the highest levels of the Saudi government.
Societal effect
Dunja Mijatović, the Council of Europe Commissioner for Human Rights from 2018 to 2024, said in 2024 that these powerful surveillance tools not only affect those targeted, but democratic societies as a whole.
“The use of spyware has a chilling effect on other human rights and fundamental freedoms, including freedom of expression and public participation,” Mijatović wrote. “It creates a climate of self-censorship and fear where all individuals can be treated as suspects and where human rights defenders and active members of political life are particularly threatened.”
Tech pushback
For years, tech companies were unable to defend their users against advanced spyware. The growing spotlight on the industry, however, is slowly shifting the tide.
Both Apple and Google now issue alerts to users they believe are being targeted by mercenary spyware. In April 2024, Apple sent notifications to iPhone users in 92 countries.
“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” the warning said. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
Apple also introduced Lockdown Mode, a feature that hardens iPhones and MacBooks against sophisticated attacks. Google similarly launched a feature known as Advanced Protection.
And in May, a federal court ordered NSO Group to pay nearly $170 million to WhatsApp and its parent company Meta for hacking nearly 1,400 WhatsApp users with its spyware.
But it isn’t just tech companies standing up against the spyware industry. In 2015, the prominent Italian spyware vendor Hacking Team was breached by a hacker who leaked over 400 GB of internal emails, source code and client lists. The incident exposed the repressive governments using Hacking Team’s spyware and brought renewed scrutiny to the industry as a whole.
Government response
After years of exposure, some governments finally began working to rein in the spyware industry. Former President Joe Biden, for example, issued an executive order in 2023, ordering U.S. agencies to cut ties with spyware companies that pose a threat to national security and human rights. In response, 22 other countries agreed to institute similar rules aimed at countering the proliferation and misuse of commercial spyware.
Two years prior, NSO Group was blacklisted by the United States Department of Commerce, essentially shuttering its efforts to expand its business in the U.S.
Although NSO Group has made an attempt to appeal to President Donald Trump, a meeting scheduled for May with the company was canceled after administration officials accused the Israeli firm of being “not forthcoming in its motives for seeking the meeting,” according to The Washington Post.
As noted in a July report from the Foundation for Individual Rights in Education, or FIRE, spyware companies continue to aggressively lobby Washington lawmakers to remove restrictions on the export of their tools.
Even with U.S. restrictions, mercenary spyware continues to proliferate across the world.