Pegasus spyware, capable of switching on cameras and mics, linked to list of 50,000 phone numbers
... and targeting journalists in 50 countries, targeted by 10 states.
One Mexican journalist was on the list and 2 months later was killed, although journalists are frequently killed in Mexico.
The spyware is reportedly from Israeli company NSO Group (although there are many other similar companies). The software is sold to governments (only those who have been 'approved by Israel') to deal with 'terrorism' and 'criminals,' but is used by governments against their own civil society (journalists, activists, dissidents, lawyers) and heads of state.
The software is almost undetectable on your phone. It is not the kind of malware that you have to stupidly click something to have it install (spearfishing). It uses a zero-click exploit, using some app on your phone. It's not known which apps, but one is WhatsApp: it infected phones using a WhatsApp call and you don't even have to pick up the call. It has root access to the device (can do anything, including see all keystrokes, use camera, mic, contacts, archives, location). It might be stored in a temp file in RAM instead of on the hard drive.
The only way to get rid of it currently is get a new phone and new SIM.