Skip to Content

What the latest Pegasus spyware leaks tell us

New documents show journalists and activists are being surveilled using the tools built by secretive Israeli security company NSO.

CEO of Israel's NSO Group Shalev Hulio
Shalev Hulio, CEO of NSO Group, in Tel AvivREUTERS/Ammar Awad

Over the weekend, a consortium of international news outlets published their findings from an investigation into the use of Pegasus, the marquee spyware product of the secretive billion-dollar Israeli surveillance company NSO Group. 

The reports from the Guardian, the Washington Post, and 15 other media organizations are based on a leak of tens of thousands of phone numbers that appear to have been targeted by Pegasus. While the devices associated with the numbers on the list were not necessarily infected with the spyware, the outlets were able to use the data to establish that journalists and activists in many countries were targeted—and in some cases successfully hacked

The leaks indicate the scope of what cybersecurity reporters and experts have said for years: that while NSO Group claims its spyware is designed to target criminals and terrorists, its actual applications are much more broad. (The company released a statement in response to the investigation, denying that its data was leaked, and that any of the resulting reporting was true.) 

My colleague Patrick Howell O’Neill has been reporting for some time on claims against NSO Group, which “has been linked to cases including the murder of Saudi journalist Jamal Khashoggi, the targeting of scientists and campaigners pushing for political reform in Mexico, and Spanish government surveillance of Catalan separatist politicians,” he wrote in August 2020. In the past, NSO has denied these accusations, but it has also more broadly argued that it can’t be held responsible if governments misuse the technology it sells them.

The company’s central argument, we wrote at the time, is one “that is common among weapons manufacturers.” Namely: “The company is the creator of a technology that governments use, but it doesn’t attack anyone itself, so it can’t be held responsible.” 

Leaks are an important tool for understanding the way Pegasus is used, in part because it is so hard for researchers to spot the software when it is on devices. In March, one researcher at the cybersecurity watchdog Citizen Lab—which has focused on studying the software—explained how Apple’s high security measures had allowed NSO to breach iPhone security but block investigators.

“It’s a double-edged sword,” said Bill Marczak, a senior researcher at Citizen Lab. “You’re going to keep out a lot of the riffraff by making it harder to break iPhones. But the 1% of top hackers are going to find a way in, and once they’re inside, the impenetrable fortress of the iPhone protects them.”

It is not the first time NSO has found itself embroiled in controversy. Facebook is currently suing the company over allegations that Pegasus manipulated the infrastructure of WhatsApp to infect more than 1,400 cell phones. Facebook has said in court documents that its own investigation has identified more than 100 human rights defenders, journalists, and public figures targeted by Pegasus. 

Last August, NSO Group CEO and cofounder Shalev Hulio told MIT Technology Review that he knew his company had “been accused, with good reason, of not being transparent enough,” and that his industry should be held more accountable for its secrecy, particularly as its methods become harder to detect by outside watchdogs and researchers. 

As the Post notes, NSO Group does not provide details on its clients, citing confidentiality. Two weeks ago, the company released its first “Transparency and Accountability Report,” where it revealed that it has 60 clients in 40 countries. Most of the clients are intelligence agencies or law enforcement.

Deep Dive


It’s time to retire the term “user”

The proliferation of AI means we need a new word.

Modernizing data with strategic purpose

Data strategies and modernization initiatives misaligned with the overall business strategy—or too narrowly focused on AI—leave substantial business value on the table.

How ASML took over the chipmaking chessboard

MIT Technology Review sat down with outgoing CTO Martin van den Brink to talk about the company’s rise to dominance and the life and death of Moore’s Law.


Why it’s so hard for China’s chip industry to become self-sufficient

Chip companies from the US and China are developing new materials to reduce reliance on a Japanese monopoly. It won’t be easy.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.