iPhone Spyware Targets Business Leader, Highlights Commercial Espionage Risks

Elliot Kim

December 04, 2024 · 4 min read

A recent discovery by security firm iVerify has shed light on a disturbing trend in the world of surveillance and espionage. According to the company, a prominent business leader's iPhone was targeted with the notorious Pegasus spyware, typically used by governments to monitor and track individuals. This incident highlights the growing risk of commercial espionage and the misuse of spyware for financial gain.

While journalists, human rights defenders, lawmakers, and political officials are frequent targets of state surveillance, reports of spyware compromising the phones of business leaders are rare but not unheard of. The findings serve as a fresh warning that spyware, often justified as a means to prevent serious crime and terrorism, can also be misused for commercial espionage.

iVerify's chief executive, Rocky Cole, declined to name the targeted business leader but revealed that the individual was "completely surprised" by the attempt to compromise their phone. Cole, a former analyst at the National Security Agency, emphasized that the business leader's phone was among seven iPhones identified as having been targeted, out of a pool of 2,500 iVerify users who opted to scan their devices for possible traces of spyware.

The security firm's app is designed to detect potentially anomalous signals deep within the iPhone and iPad operating systems, which can be indicative of malware infections. Because Apple tightly controls the software on its devices, it is difficult for apps like iVerify to examine the security of other installed apps or the kernel of the underlying software. The company instead analyzes other telemetry data within those privacy constraints to help determine whether the device might be compromised.

It is unclear whether the targeted iPhones were compromised at the time iVerify identified the anomalous signals. Cole noted that any detected signals could indicate a historical spyware compromise at an earlier point in time. Some of the targeted phones may not have been patched with the latest software update when they were compromised, leaving them exposed to older exploits.

The incident is reminiscent of the hacking of Amazon founder Jeff Bezos' phone several years ago, which a United Nations report concluded was likely the result of Saudi officials purchasing access to Pegasus and using WhatsApp to deliver the spyware. NSO Group, the developer of Pegasus, claimed at the time that its spyware was not used in that instance.

Security researchers warn that the proliferation of spyware is making its use and misuse harder to contain. Earlier this year, Google sounded the alarm after its security researchers found evidence that Russian government-backed hackers acquired exploits identical or strikingly similar to code developed by NSO Group, which denied selling its spyware to Russia.

Cole revealed that iVerify is also seeing the reuse of spyware exploits by government-backed hackers from countries like China, Iran, and Russia, a trend that is becoming more widespread. The company is investigating whether Salt Typhoon, a China-backed hacking group linked to ongoing intrusions at several U.S. and international phone and internet giants, may have used its access to the telecom networks to identify and target individuals with phone spyware.

iVerify recently identified an uptick in anomalous signals from two phones belonging to senior officials at the Harris-Walz presidential campaign, coinciding with a period of heightened activity by Salt Typhoon in the phone companies' networks. The FBI is reportedly examining whether the China-backed hackers used their access to phone networks to target the phones of senior American officials with malware.

If Salt Typhoon is linked to the targeting of these phones, the attempted intrusions "very well could be the reuse of commercial capabilities," Cole warned. As the threat of commercial espionage and government-backed hacking continues to grow, it is essential for individuals and organizations to remain vigilant and take proactive measures to protect their digital security.

Copyright © 2024 Starfolk. All rights reserved.