The Growing Threat of Targeted Spyware: What You Need to Know

TL;DR

• Targeted spyware poses significant risks to digital privacy and human rights.
• Key players like Paragon Solutions and NSO Group have faced controversies over surveillance activities.
• Organizations like CitizenLab work to uncover and mitigate these threats, emphasizing the importance of keeping devices updated.

The Rising Concern of Targeted Spyware

Experts continue to raise alarms about the burgeoning market for targeted spyware and its implications for espionage. Before delving into the intricacies of targeted spyware, it is essential to understand the key players involved in this industry and those working against it.

Key Players in the Spyware Industry

Paragon Solutions

Paragon Solutions, an Israeli company, specializes in high-end surveillance technology primarily marketed to government clients. Their products, including the spyware Graphite, are positioned as crucial tools for combating crime and ensuring national security. However, Paragon faced significant controversy when they were accused of targeting specific WhatsApp users, including journalists and civil society members. This led to a cease-and-desist notice from WhatsApp and the termination of Paragon’s contract with Italy following the discovery that Italian citizens were targeted.

NSO Group

The NSO Group is another prominent player, known for its high-level spyware Pegasus. The NSO Group has also been implicated in spying on WhatsApp users. The group defends Pegasus as a beneficial tool for investigating and preventing terrorist attacks and maintaining public safety.

Organizations Fighting Against Spyware

CitizenLab

On the opposing side, CitizenLab, an interdisciplinary laboratory based in Toronto, Canada, focuses on studying information controls that impact internet openness, security, and human rights. Their work has significantly contributed to the understanding of the global digital surveillance landscape and its implications for human rights. CitizenLab is often credited with discovering vulnerabilities in iOS, WhatsApp, and other software by analyzing devices infected with high-level spyware¹.

In an interview with TheRecord, CitizenLab founder Ronald Deibert revealed that the organization routinely checks devices for spyware. Their forensic skills have advanced to the point where they can pinpoint the exact moment of infection down to the second².

Impact on Digital Security

While most individuals may never encounter high-level spyware directly, the vulnerabilities exploited by such tools can affect a broader audience. Both Paragon and the NSO Group have uncovered numerous zero-day vulnerabilities in browsers and other online applications by compromising mobile devices. These zero-day vulnerabilities are rare and expensive but become more widely known once used against victims, increasing the risk of exploitation by smaller criminal actors.

To mitigate these risks, it is crucial to keep devices up-to-date. This blog, along with Malwarebytes’ Trusted Advisor, consistently emphasizes the importance of regular updates to protect against emerging threats.

Protecting Your Mobile Devices

Cybersecurity risks should not be confined to headlines. Take proactive steps to safeguard your mobile devices by downloading Malwarebytes for iOS and Malwarebytes for Android today.

Conclusion

The threat of targeted spyware is real and growing. Understanding the key players and the work being done to mitigate these risks is crucial for protecting digital privacy and human rights. By staying informed and keeping our devices updated, we can collectively enhance our digital security.

References

1. CitizenLab (2025). “A first look at Paragon’s proliferating spyware operations”. CitizenLab. Retrieved 2025-03-20. ↩︎

2. TheRecord (2025). “Ron Deibert Citizen Lab spyware interview”. TheRecord. Retrieved 2025-03-20. ↩︎