State Spyware Got Faster, Quieter, and Smarter
Pegasus can infect an iPhone with no tap from you. Predator can survive reboots. Paragon's Graphite hit WhatsApp. Governments buy these tools, then point them at journalists, lawyers, activists, and opposition politicians in more than 45 countries. Citizen Lab at the University of Toronto has tracked the evidence since 2016.
AI did not invent the spyware market. It made targeting cheaper and broader.
If you think you may be a target: Run Amnesty International's Mobile Verification Toolkit (MVT) against your device backup. Contact Access Now's Digital Security Helpline. They provide free incident response for at-risk people. Citizen Lab also runs forensic investigations.
The 2026 Spyware Market
| Product | Vendor | Jurisdiction | Capabilities | Status 2026 |
|---|---|---|---|---|
| Pegasus | NSO Group | Israel | Zero-click, full device access | Active. US sanctioned NSO 2021 |
| Predator | Intellexa | EU (dispersed) | Zero-click, reboot persistence | Active. US sanctioned Intellexa 2024 |
| Graphite | Paragon Solutions | Israel | WhatsApp zero-click | Deployed. WhatsApp sued Paragon 2025 |
| Candiru (DevilsTongue) | Candiru | Israel | Windows/browser exploits | Partially disrupted by Microsoft 2021 |
| FinFisher | Defunct | Germany/UK | Legacy desktop | Company collapsed 2021 |
What AI Changed
Automated exploit selection
Older spyware campaigns needed a human operator to match target, exploit, and delivery path by hand. That slowed everything down.
AI systems can now do that matching at speed. Once reconnaissance identifies a device, OS version, carrier, and app stack, the system can pick a likely working exploit and launch it. More targets. Less operator time.
Behavioral targeting
AI can score communication metadata, who talks to whom, how often, when, and around which topics, to flag high-value targets before anyone reads content. Journalists talking to dissidents, lawyers speaking with certain clients, activists moving across borders. The filtering scales better than human analysts ever could.
AI-assisted persistence
Predator reportedly uses behavior-aware dormancy. It can stay quiet when the device pattern looks like a security check and wake during lower-risk windows. That is not a metaphor. That is just stealth with better timing.
Where the Exploits Land
- iMessage zero-click (iOS): Pegasus used this path for years. Apple's Lockdown Mode disables parts of iMessage handling and cuts the surface.
- WhatsApp zero-click: Paragon's Graphite exploited WhatsApp to compromise 90 journalists across 24 countries, according to WhatsApp in January 2025. WhatsApp sued Paragon.
- Push notification processing: Some apps process remote content before they show it to you. That creates a zero-click path.
- Baseband and cellular flaws: These sit outside the main OS and can stay reachable through the carrier network even when the device looks hardened.
- Browser exploits: One-click links still matter. They are easier to stop than zero-click chains, but they keep working on enough targets to stay useful.
What Actually Cuts Your Attack Surface
mvt-ios check-backup. On Android, you need USB debugging and ADB. It is free and open source at github.com/mvt-project/mvt.
The Hard Limit of Device Defense
A state actor with a fresh zero-day for your exact device can still get in. GrapheneOS reduces attack surface, but it cannot patch every hole in the baseband or other separate processors. No consumer device is fully safe against a well-funded state operator holding the right exploit.
Technical defenses still matter because they:
- Raise attack cost. Zero-days are expensive and burn when used
- Stop commodity and older exploit chains used in broader surveillance
- Limit post-compromise access through sandboxing and isolation
- Make forensic detection easier. MVT can spot known Pegasus patterns
- Sometimes push vendors toward easier targets with weaker OPSEC
For more on the companies behind these tools, see What is NSO Group? Pegasus Spyware Explained and The Israeli Surveillance Tech Complex: Unit 8200.
Cunicula is editorially independent and receives no funding from any surveillance technology company. Not legal advice.
Follow the Money
Commercial spyware runs on government contracts. Public accountability mostly comes from outside government: labs, platforms, and watchdog researchers.
- NSO Group: $1B peak valuation. Backed by Francisco Partners. Pegasus used against journalists, activists, and heads of state in more than 45 countries.
- Paragon / Intellexa: Paragon Solutions linked to Rafael Frankel. Intellexa and Predator formed a $50M+ consortium structure. Both supplied EU member governments.
- US intelligence budget: $90B+ a year funds defensive research and offensive capability at the same time.
- Trackers: Google TAG documents infections. Meta filed legal action against NSO. Citizen Lab publishes case reports. Those three do much of the public accountability work.
Frequently Asked Questions
What is a zero-click exploit and how does AI make it worse?
A zero-click exploit compromises a device without any user action. No link. No file. The attack arrives in a message, image, or push notification that the device processes on its own, and a flaw in that code gives the attacker control. Early Pegasus often needed a malicious link. Modern Pegasus and Predator hit iMessage, WhatsApp, and other zero-click paths. AI makes this worse by picking exploits from a library based on the target's device, OS version, and apps, and by scoring communication patterns to find high-value targets and better timing.
Can GrapheneOS stop Pegasus-style spyware?
GrapheneOS cuts attack surface hard, but it does not promise safety against a well-funded zero-day attack. It removes the iMessage path, tightens app permissions, supports per-app network isolation that can limit exfiltration after compromise, uses auto-reboot to clear memory, and locks down USB-C attacks. It cannot stop every exploit in hardware firmware or the cellular baseband. Lockdown Mode on iOS and GrapheneOS both matter. Neither is magic against a state actor with the right exploit.
How can I detect if my phone has spyware?
The best public tool is Amnesty International's Mobile Verification Toolkit, or MVT. It checks iOS backups or Android forensic images for Indicators of Compromise such as Pegasus domains, process names, and network signatures. For a quick check, iVerify on iOS looks for behavioral anomalies, and Android users can inspect per-app network connections in the privacy dashboard. Warning signs include fast battery drain, high data use, heat while idle, and camera or microphone indicators turning on for no clear reason.
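The indicator matching described above, as an added example (not MVT's code and not from the original article): hostnames are matched on label boundaries so look-alike domains do not produce false positives. The indicator domains, the process name, and the record format are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed placeholder indicators (reserved .example names), not real IOCs.
IOC_DOMAINS = {"updates.spy-infra.example", "cdn-track.example"}
IOC_PROCESSES = {"fakehelperd"}

def host_of(value):
    """Return the lowercase hostname from a URL or a bare host string."""
    if "://" not in value:
        value = "//" + value
    return (urlsplit(value).hostname or "").rstrip(".").lower()

def domain_hit(value, iocs=IOC_DOMAINS):
    """Match the host or a parent domain on a label boundary, never by substring."""
    labels = host_of(value).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in iocs:
            return candidate
    return None

def scan(records):
    """Return (source, type, indicator) for every record that matches an indicator."""
    findings = []
    for rec in records:
        hit = None
        if rec["type"] == "url":
            hit = domain_hit(rec["value"])
        elif rec["type"] == "process":
            name = rec["value"].rsplit("/", 1)[-1]  # compare the executable name only
            hit = name if name in IOC_PROCESSES else None
        if hit:
            findings.append((rec["source"], rec["type"], hit))
    return findings

# Constructed records standing in for artifacts extracted from a backup.
SAMPLE = [
    {"source": "sms", "type": "url", "value": "https://a.CDN-Track.example./i?x=1"},
    {"source": "safari_history", "type": "url", "value": "https://notcdn-track.example/"},
    {"source": "safari_history", "type": "url", "value": "https://cdn-track.example.benign.example/"},
    {"source": "process_list", "type": "process", "value": "/private/var/tmp/fakehelperd"},
    {"source": "process_list", "type": "process", "value": "/usr/libexec/locationd"},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A plain substring test would flag the second and third sample URLs; label-boundary matching reports only the true subdomain and the process name.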
Who are the targets of state-sponsored spyware?
Pegasus and Predator have hit journalists, lawyers, human rights advocates, opposition politicians, activists, researchers, relatives of dissidents, and business executives. Citizen Lab has documented Pegasus deployments in more than 45 countries. NSO Group says it sells only to government law enforcement and intelligence agencies, but many documented targets had no plausible criminal link at all.
Is Predator spyware worse than Pegasus?
Predator and Pegasus work in similar ways, but Predator appears to differ in one ugly area: reports indicate it can persist across iPhone reboots, a capability Pegasus lost after Apple patches. Both use zero-click exploits. Predator has targeted EU politicians and Greek journalists. The Intellexa alliance was sanctioned by the US in March 2024, but it kept operating through new corporate shells.