Two years ago, the FBI reportedly purchased a copy of the world’s most coveted spyware, a tool that can remotely and silently crack into Androids and iPhones without leaving a trace, spilling device contents onto a console possibly thousands of miles away, with little more effort than entering a phone number.

This tool is Pegasus, and, according to recent reporting from The New York Times, the FBI purchased the tool for examination, but deferred from using it for any real investigations. Remarkably, at the same time, the US government was also considering a version of Pegasus that could allow for domestic spying on Americans—a new, upgraded Pegasus called “Phantom.”

Pegasus and Phantom were reportedly never deployed by the US government, but that doesn’t mean that these invasive hacking powers are rarely used. In fact, Pegasus has been sold to the governments of India, Saudi Arabia, Bahrain, Azerbaijan, Mexico, the United Arab Emirates, Morocco, Hungary, and Rwanda.

In the hands of those and many other countries, surveillance abuses abound.

On Lock and Code today, host David Ruiz provides an in-depth look at Pegasus: Who makes it, how much information can steal from mobile devices, how does it get onto those devices, and who has been provably harmed by its surveillance capabilities? Despite being billed as a tool to help curb criminal organizations and terrorist threats, Pegasus, through forensic analyses, has been found on the phones of journalists, human rights activists, and political dissidents. It is believed to have been used to target several heads of state, including presidents and prime ministers, along with nonprofit directors, lawyers, and at least one government scientist.

“These aren’t stories of investigating, or preventing, or solving, or addressing criminal activities. These are stories of the everyday people, with names, with careers, with families, who did something—who spoke up in a way, who lived in a way—that someone else didn’t like.”

David Ruiz, Lock and Code host, Malwarebytes online privacy advocate
This video cannot be displayed because your Functional Cookies are currently disabled.

To enable them, please visit our privacy policy and search for the Cookies section. Select “Click Here” to open the Privacy Preference Center and select “Functional Cookies” in the menu. You can switch the tab back to “Active” or disable by moving the tab to “Inactive.” Click “Save Settings.”

You can also find us on Apple PodcastsSpotify, and Google Podcasts, plus whatever preferred podcast platform you use.