{"id":55270,"date":"2024-02-07T15:14:31","date_gmt":"2024-02-07T15:14:31","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35503\/The-Spyware-Business-Is-Booming-Despite-Government-Crackdowns.html"},"modified":"2024-02-07T15:14:31","modified_gmt":"2024-02-07T15:14:31","slug":"the-spyware-business-is-booming-despite-government-crackdowns","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/","title":{"rendered":"The Spyware Business Is Booming Despite Government Crackdowns"},"content":{"rendered":"<p><span class=\"label\">Updated<\/span> The commercial spyware economy \u2013 despite government and big tech&#8217;s efforts to crack down \u2013 appears to be booming.<\/p>\n<p>In addition to the major players like <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/01\/24\/us_judge_rejects_pegasus_spyware\/\" rel=\"noopener\">Pegasus developer NSO Group<\/a>, and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/05\/27\/predator_analysis_talos\/\" rel=\"noopener\">Predator maker Intellexa<\/a>, Google\u2019s Threat Analysis Group (TAG) has found &#8220;dozens of smaller&#8221; commercial surveillance vendors and tracks around 40 such organizations.<\/p>\n<p>Other exploitation supply chain orgs also make money from these nefarious tools \u2013 from the initial exploit developers and suppliers on through to the spyware vendors that charge varying amounts depending on what capabilities the customer requests.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>In 2023, TAG reports it uncovered 25 zero-days under active exploitation, and 20 of these were abused by commercial surveillance vendors.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;All these players enable the proliferation of dangerous tools and capabilities used by governments against individuals, which threatens the safety of the internet ecosystem and the trust on which a vibrant and inclusive digital society depends,&#8221; according to a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/storage.googleapis.com\/gweb-uniblog-publish-prod\/documents\/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf\">TAG report<\/a> published on Tuesday.<\/p>\n<p>The safety of the internet is not the only thing at stake as a result of spyware vendors\u2019 efforts: the report shares stories of victims such as human rights advocates and journalists whose devices were infected with Pegasus.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>These tools have also been used to secure the detention of political dissidents, lawyers, journalists and activists. Some deployments of spyware have been <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.aljazeera.com\/news\/2019\/3\/20\/widow-of-slain-mexican-journalist-targeted-by-spyware\">blamed<\/a> for victims\u2019 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.theregister.com\/2021\/03\/01\/in_brief_security\/\">deaths<\/a>. This, despite <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/07\/27\/us_congress_spyware_debate\/\" rel=\"noopener\">assurances<\/a> from some of the surveillance vendors that their products can only be sold to governments and used to fight terrorism and other serious crimes.<\/p>\n<p>&#8220;I have yet to see any reporting on legitimate use of this software,&#8221; Cisco Talos head of outreach Nick Biasini lamented in an interview with <em>The Register<\/em>.<\/p>\n<p>&#8220;That&#8217;s not to say that it doesn&#8217;t exist,&#8221; he added. &#8220;It could be used in highly classified environments so that information never sees the light of day. But the majority of the activity seems to be around dissidents, activists, reporters, lawyers and those types of victims, which implies a non-standard application of the technology.&#8221;<\/p>\n<h3 class=\"crosshead\">Government to the rescue?<\/h3>\n<p>Western governments are taking steps to curb this <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cigionline.org\/articles\/the-growing-global-spyware-industry-must-be-reined-in\/\">$12-billion-a-year industry<\/a>. On Monday, the US announced it would <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.state.gov\/announcement-of-a-visa-restriction-policy-to-promote-accountability-for-the-misuse-of-commercial-spyware\/\">impose visa restrictions<\/a> on anyone involved in the abuse of commercial spyware. Presumably, this extends from the makers and suppliers all the way to end-users.<\/p>\n<p>That action follows last year&#8217;s executive order banning the US government&#8217;s use of commercial spyware that presents a national security risk to America \u2013 although, as <em>The Register<\/em> pointed out at the time, the order includes <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/03\/28\/biden_spyware_executive_order\/\" rel=\"noopener\">big loopholes<\/a> for Uncle Sam&#8217;s snoops and American-made products.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Also in 2023, the US government added commercial spyware makers <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/07\/18\/us_sanctions_commercial_spyware\/\" rel=\"noopener\">Intellexa and Cytrox<\/a> to its Entity List, after placing similar export restrictions on <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/10\/20\/us_intrusion_software_rules\/\" rel=\"noopener\">NSO Group<\/a> in 2021.<\/p>\n<p>On Tuesday, a group of <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.gov.uk\/government\/news\/deputy-prime-minister-hosts-first-global-conference-targeting-hackers-for-hire-and-malicious-use-of-commercial-cyber-tools\">35 nations<\/a>, led by the UK and France, signed an agreement to &#8220;tackle proliferation and irresponsible use of commercial cyber intrusion tools and services.&#8221; Tech giants including Apple, Google and Microsoft also reportedly participated, but declined to comment.<\/p>\n<p>Despite these and other efforts, the spyware business &#8220;appears to be booming,&#8221; Biasini observed. &#8220;There&#8217;s a lot of growth. If you look at the offensive conferences \u2013 especially the ones in Europe that have been going on \u2013 there are just a deluge of vendors that sit in this space.&#8221;<\/p>\n<h3 class=\"crosshead\">The spyware economy<\/h3>\n<p>One of the &#8220;bigger trends&#8221; that Talos is tracking within the spyware economy is the &#8220;decoupling between the commercial spyware vendors and the vulnerability and exploit vendors,&#8221; Biasini added.<\/p>\n<p>According to TAG, spyware users typically use exploit chains, rather than a single point of entry, to remotely drop spyware to the target&#8217;s devices. This usually includes three or four zero-days, the report indicates. The findings don&#8217;t include any pricing info for these zero-days \u2013 which tend to allow remote code execution, sandbox escape and local privilege escalation.<\/p>\n<p>The TAG report does include some details on spyware vendors&#8217; pricing models \u2013 but nothing new.<\/p>\n<p>One is a widely sourced 2021 <em>New York Times<\/em> publication of a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.nytimes.com\/interactive\/2022\/12\/08\/us\/politics\/intellexa-commercial-proposal.html\">pitch document for Predator<\/a>. The base price of \u20ac8 million ($8.6 million) buys the user a remote, one-click exploit chain to install spyware implants on Android and iOS devices and the ability to run ten concurrent implants. Intellexa provides project management, and a 12-month warranty on the contract.<\/p>\n<p>The second is an offer for NOVA \u2013 an Intellexa Alliance combined spyware and data analysis system that was <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/DrWhax\/status\/1562749756316585984\">leaked on the XSS.is cybercrime forum<\/a> in 2022. In addition to the base price, users can buy persistence on victim devices for an extra \u20ac3 million ($3.2 million), and an additional five-country package for another \u20ac1.2 million ($1.3 million).<\/p>\n<p>When asked about these pricing models, and what Talos has seen, Biasini explained the <em>NYT<\/em> story and the XXS leak are the only two data points he&#8217;s aware of. &#8220;We are basically operating on two leaked pieces of data,&#8221; he noted. &#8220;That&#8217;s all we have.&#8221;<\/p>\n<p>This illustrates another part of the problem: the spyware economy remains mysterious.<\/p>\n<p>&#8220;There is almost zero data being shared across the industry on this particular threat, and that is a massive problem,&#8221; Biasini worried. &#8220;If we really want to fix this, we need more eyes on this \u2013 not less. As someone who operates in the tech space, it is a Herculean effort for us to get samples to be able to analyze, and that should not be the case.&#8221;<\/p>\n<p>In addition to samples of the malware itself, investigators need indicators of compromise, and hashes \u2013 things that are lacking in spyware reports. Similarly, none of the sources <em>The Register<\/em> contacted for this story could, or would, provide us with any other examples of or information about spyware pricing models.<\/p>\n<p>All of this contributes to a lack of visibility, which allows the miscreants abusing surveillance tools to operate with impunity while their victims live in fear. \u00ae<\/p>\n<h3 class=\"crosshead\">Updated to add<\/h3>\n<p>&#8220;The recent UK Pall Mall Process highlights a growing international alarm over the global spyware crisis,&#8221; Elina Castillo Jim\u00e9nez, advocacy coordinator at the security lab at Amnesty Tech told <em>The Register<\/em>.<\/p>\n<p>&#8220;While a positive step, the declaration is far short of what is needed to rein in the commercial surveillance industry. States must adopt a ban on highly intrusive spyware altogether and establish robust safeguards for any permissible use of other forms of spyware.<\/p>\n<p>&#8220;International law already defines legitimate spyware applications narrowly; instead of debating this, the focus must shift to protecting individuals from unlawful surveillance. Furthermore \u2013 there is a lot that can be done by governments individually \u2013 including through ceasing to purchase products from commercial surveillance vendors, enforcing export regulations, and providing accountability for already documented victims of spyware.&#8221;<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35503\/The-Spyware-Business-Is-Booming-Despite-Government-Crackdowns.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8560],"class_list":["post-55270","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlinegovernmentprivacyphonespyware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-07T15:14:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"The Spyware Business Is Booming Despite Government Crackdowns\",\"datePublished\":\"2024-02-07T15:14:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/\"},\"wordCount\":1097,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,government,privacy,phone,spyware\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/\",\"name\":\"The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-02-07T15:14:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-spyware-business-is-booming-despite-government-crackdowns\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,privacy,phone,spyware\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentprivacyphonespyware\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The Spyware Business Is Booming Despite Government Crackdowns\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/","og_locale":"en_US","og_type":"article","og_title":"The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-02-07T15:14:31+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"The Spyware Business Is Booming Despite Government Crackdowns","datePublished":"2024-02-07T15:14:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/"},"wordCount":1097,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,government,privacy,phone,spyware"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/","url":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/","name":"The Spyware Business Is Booming Despite Government Crackdowns 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-02-07T15:14:31+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQceCsy6rWQvqHIi9ok7gAAAYk&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/the-spyware-business-is-booming-despite-government-crackdowns\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,privacy,phone,spyware","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentprivacyphonespyware\/"},{"@type":"ListItem","position":3,"name":"The Spyware Business Is Booming Despite Government Crackdowns"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55270","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55270"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55270\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55270"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55270"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55270"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}