jsr on Nostr: A journalist asked me: why does NSO Group keep getting caught? Isn't #Pegasus ...
A journalist asked me: why does NSO Group keep getting caught?
Isn't #Pegasus supposed to be undetectable?
My answer: because the maker of Pegasus spyware isn't as good at hiding their activities as their government customers believe.
Making it worse for customers, Pegasus spyware customers fate share.
If a gulf dictator abuses Pegasus against an activist & get caught..this impacts the whole customer base when the zero day gets burned.
This is because the main mercenary spyware model involves selling the same tech to multiple customers.
This includes building & maintaining customer infrastructures for things like infecting, command & control, and exfiltrating data from phones.
Similarly, as researchers, when we get a first bit of that spyware infrastructure, we fingerprint... and expand out from there. Like we did with Paragon spyware.
Often the result is to surface new customers since the tech is going to multiple clients.
And yet again... customers fate share.
This dynamic is likely to continue as long as companies proliferate mercenary spyware to a broad customer base... the spyware gets abused... and researchers like us keep hunting for abuses.
Story: https://techcrunch.com/2025/03/28/again-and-again-nso-groups-customers-keep-getting-their-spyware-operations-caught/
Isn't #Pegasus supposed to be undetectable?
My answer: because the maker of Pegasus spyware isn't as good at hiding their activities as their government customers believe.
Making it worse for customers, Pegasus spyware customers fate share.
If a gulf dictator abuses Pegasus against an activist & get caught..this impacts the whole customer base when the zero day gets burned.
This is because the main mercenary spyware model involves selling the same tech to multiple customers.
This includes building & maintaining customer infrastructures for things like infecting, command & control, and exfiltrating data from phones.
Similarly, as researchers, when we get a first bit of that spyware infrastructure, we fingerprint... and expand out from there. Like we did with Paragon spyware.
Often the result is to surface new customers since the tech is going to multiple clients.
And yet again... customers fate share.
This dynamic is likely to continue as long as companies proliferate mercenary spyware to a broad customer base... the spyware gets abused... and researchers like us keep hunting for abuses.
Story: https://techcrunch.com/2025/03/28/again-and-again-nso-groups-customers-keep-getting-their-spyware-operations-caught/