{"id":3076051,"date":"2025-12-27T10:00:00","date_gmt":"2025-12-27T18:00:00","guid":{"rendered":"https:\/\/techcrunch.com\/?p=3076051"},"modified":"2025-12-29T15:00:09","modified_gmt":"2025-12-29T23:00:09","slug":"meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware","status":"publish","type":"post","link":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","title":{"rendered":"Meet the team that investigates when journalists and activists get hacked with government spyware"},"content":{"rendered":"\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">For more than a decade, dozens of journalists and human rights activists <a href=\"https:\/\/techcrunch.com\/2025\/11\/10\/why-a-lot-of-people-are-getting-hacked-with-government-spyware\/\" target=\"_blank\" rel=\"noreferrer noopener\">have been targeted<\/a> and hacked by governments all over the world. Cops and spies in <a href=\"https:\/\/www.vice.com\/en\/article\/ethiopia-allegedly-used-spyware-against-us-based-journalists-again\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Ethiopia<\/a>, <a href=\"https:\/\/www.bbc.com\/news\/articles\/ced56p5l2wwo\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Greece<\/a>, <a href=\"https:\/\/www.theguardian.com\/world\/2022\/jan\/28\/hungarian-journalists-targeted-with-pegasus-spyware-to-sue-state\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Hungary<\/a>, <a href=\"https:\/\/www.washingtonpost.com\/world\/2023\/10\/31\/india-phone-hacking-apple\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">India<\/a>, <a href=\"https:\/\/www.theguardian.com\/world\/2022\/oct\/04\/mexico-nso-spyware-journalists-human-rights-hacked-pegasus\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Mexico<\/a>, <a href=\"https:\/\/techcrunch.com\/2022\/01\/11\/poland-nso-pegasus-election\/\" target=\"_blank\" rel=\"noreferrer noopener\">Poland<\/a>, <a href=\"https:\/\/www.theguardian.com\/world\/2021\/jul\/18\/nso-spyware-used-to-target-family-of-jamal-khashoggi-leaked-data-shows-saudis-pegasus\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Saudi Arabia<\/a>, and <a href=\"https:\/\/www.vice.com\/en\/article\/government-hackers-iphone-hacking-jailbreak-nso-group\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">United Arab Emirates<\/a>, among others, have used sophisticated spyware to compromise the phones of these victims, who at times have also <a href=\"https:\/\/techcrunch.com\/2021\/07\/03\/digital-violence-nso-group-spyware\/\" target=\"_blank\" rel=\"noreferrer noopener\">faced real-world violence<\/a> being intimidated, harassed, and in <a href=\"https:\/\/www.nytimes.com\/2018\/12\/02\/world\/middleeast\/saudi-khashoggi-spyware-israel.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">extreme cases<\/a>, even <a href=\"https:\/\/www.theguardian.com\/news\/2021\/jul\/18\/revealed-murdered-journalist-number-selected-mexico-nso-client-cecilio-pineda-birto\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">murdered<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the last few years, in the fight to protect these higher-risk communities, a team of a dozen digital security experts, mostly based in Costa Rica, Manila, and Tunisia, among other places, have played a key role. They work for the New York-headquartered nonprofit Access Now, specifically its <a href=\"http:\/\/accessnow.org\/help\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Digital Security Helpline<\/a>.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Their mission is to be the team of people who journalists, human rights defenders, and dissidents can go to if they suspect they\u2019ve been hacked, such as with mercenary spyware made by companies like NSO Group, <a href=\"https:\/\/techcrunch.com\/2025\/12\/04\/sanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say\/\">Intellexa<\/a>, or Paragon.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThe idea is to provide this 24\/7 service to civil society and journalists so they can reach out whenever they have\u00a0\u2026 a cybersecurity incident,\u201d Hassen Selmi, who leads the incident response team at the Helpline, told TechCrunch.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.youtube.com\/watch?v=Obk5T6kS0WY&amp;t=292s\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">According to Bill Marczak<\/a>, a senior researcher at the University of Toronto&#8217;s Citizen Lab who has been investigating spyware for almost 15 years, Access Now&#8217;s Helpline is a \u201cfrontline resource\u201d for journalists and others who may have been targeted or hacked with spyware.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The helpline has become a critical funnel for victims. So much so that when Apple sends its users a &#8220;threat notification&#8221; alerting them that they have been targeted with mercenary spyware, <a href=\"https:\/\/techcrunch.com\/2024\/12\/20\/why-apple-sends-spyware-victims-to-this-nonprofit-security-lab\/\" target=\"_blank\" rel=\"noreferrer noopener\">the tech giant has long directed victims to Access Now\u2019s investigators<\/a>.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In speaking with TechCrunch, Selmi described a scenario where <a href=\"https:\/\/techcrunch.com\/2025\/10\/21\/apple-alerts-exploit-developer-that-his-iphone-was-targeted-with-government-spyware\/\" target=\"_blank\" rel=\"noreferrer noopener\">someone gets one of these threat notifications<\/a>, and where Access Now can help victims.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8220;Having someone who could explain it to them, tell them what they should do, what they should not do, what this means\u00a0\u2026 This is a big relief for them,\u201d said Selmi.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">According to several digital rights experts who have investigated spyware cases and previously spoke with TechCrunch, Apple is generally taking the right approach, even if the optics look like a trillion-dollar tech giant offloading its responsibility to a small team of nonprofit workers.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Being mentioned by Apple in the notifications, said Selmi, was \u201cone of the biggest milestones\u201d for the helpline.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Selmi and his colleagues now look into about 1,000 cases of suspected government spyware attacks per year. Around half of those cases turn into actual investigations, and only around 5% of them, around 25, result in a confirmed case of spyware infection, according to Mohammed Al-Maskati, the helpline\u2019s director.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When Selmi started doing this work in 2014, Access Now was only investigating around 20 cases of suspected spyware attacks per month.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At the time, there were three or four people working in each time zone in Costa Rica, Manila, and Tunisia, locations that allowed them to have someone online throughout the whole day. The team isn\u2019t that much bigger now, with fewer than 15 people working for the helpline. The helpline has more people in Europe, the Middle East, North Africa, and the sub-Saharan region, given that these are hotspots for spyware cases, according to Selmi.\u00a0\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The increase in cases, Selmi explained, is due to several circumstances. For one, the helpline is now more well known, so it attracts more people. Then, with government spyware going global and becoming more available, there are <a href=\"https:\/\/techcrunch.com\/2025\/11\/10\/why-a-lot-of-people-are-getting-hacked-with-government-spyware\/\" target=\"_blank\" rel=\"noreferrer noopener\">potentially more cases of abuse<\/a>. Finally, the helpline team has done more outreach to potentially targeted populations, finding cases of abuse they may not have found otherwise.\u00a0<\/p>\n\n\n<p class=\"wp-block-shortcode\">\t\t<div class=\"article-block block--callout block--right has-green-500-background-color\" >\n\t\t\t<h4 class=\"block--callout__title\">Contact Us<\/h4>\n\t\t\tHave you received a notification from Apple, Google, or WhatsApp about being targeted with spyware? Or do you have information about spyware makers? We would love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or <a href=\"mailto:lorenzo@techcrunch.com\/\">email<\/a><a href=\"mailto:lorenzo@techcrunch.com\/\">.<\/a>\t\t<\/div>\n\t\t<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When someone contacts the helpline, Selmi told TechCrunch, its investigators first acknowledge receipt; then they do a first check to see if the person who contacted them is within the organization\u2019s mandate, meaning if they are part of civil society \u2014 and not, for example, a business executive or lawmaker. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Then the investigators assess the case in triage. If a case is prioritized, the investigators ask questions, such as why the person believes they were targeted (if there was no notification), and what device they own, which helps to establish what kind of information the investigators may need to collect from the victim\u2019s device.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After an initial, limited check of the device performed remotely over the internet, the helpline\u2019s handlers and investigators may ask the victim to send more data, such as a full backup of their device, to do a more thorough analysis examining for signs of intrusions.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cFor each known kind of exploit that has been used in the last five years, we have a process on how to check that exploit,\u201d said Selmi, referring to known hacking techniques.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe know more or less what is normal, what is not,\u201d said Selmi.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The Access Now handlers, who manage communication and often speak the victim\u2019s language, will also give the victim advice on what to do, such as whether to get another device, or take other precautions.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Every case that the nonprofit looks into is unique. \u201cIt&#8217;s different from person to person, from culture to culture,\u201d Selmi told TechCrunch. &#8220;I think we should do more research, get more people on board \u2014 not just technical people \u2014 to know how to deal with these kinds of victims.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Selmi said that the helpline has also been supporting similar investigative teams in some regions of the world, sharing documentation, knowledge, and tools, as part of a coalition called <a href=\"https:\/\/www.civicert.org\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CiviCERT<\/a>, a global network of organizations that can help members of civil society who suspect they were targeted with spyware.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Selmi said this network has also helped to reach journalists and others in places where otherwise they could not get to.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8220;No matter where they are, [victims] have people who could talk to and report to,\u201d Selmi told TechCrunch. \u201cHaving these people talk their language and know their context helped a lot.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.<\/p>\n","protected":false},"author":133574594,"featured_media":3078705,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tc-featured-article":false,"tc-header-option":"","tc-breaking-news":false,"tc-article-brief":false,"carmot_uuid":"","apple_news_api_created_at":"2025-12-27T18:00:26Z","apple_news_api_id":"e1ed2dba-56eb-4687-bec0-697038011385","apple_news_api_modified_at":"2025-12-29T23:00:08Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/A4e0tulbrRoe-wGlwOAEThQ","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":[],"apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"tc_subtitle":"","tc_featured_image_disabled":false,"tc_exclude_from_rss_feed":false,"tc_exclude_from_content_rivers":false,"footnotes":""},"categories":[21587494],"tags":[641922,291,106595,15593,5448,449552597,577235760,577336151,577370126],"tc_region":[],"tc_event":[],"tc_storyline_tax":[],"coauthors":[577104450],"class_list":["post-3076051","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-android","tag-apple","tag-iphone","tag-malware","tag-spyware","tag-nso-group","tag-intellexa","tag-paragon-solutions","tag-accessnow"],"apple_news_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.1 (Yoast SEO v25.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Meet the team that investigates when journalists and activists get hacked with government spyware | TechCrunch<\/title>\n<meta name=\"description\" content=\"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meet the team that hunts government spyware\" \/>\n<meta property=\"og:description\" content=\"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\" \/>\n<meta property=\"og:site_name\" content=\"TechCrunch\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techcrunch\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-27T18:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-29T23:00:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg?resize=1200,675\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"675\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Lorenzo Franceschi-Bicchierai\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TechCrunch\" \/>\n<meta name=\"twitter:site\" content=\"@TechCrunch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lorenzo Franceschi-Bicchierai\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\"},\"author\":{\"name\":\"Lorenzo Franceschi-Bicchierai\",\"@id\":\"https:\/\/techcrunch.com\/#\/schema\/person\/ae6736172fc69d49ba9b3d836e93d029\"},\"headline\":\"Meet the team that investigates when journalists and activists get hacked with government spyware\",\"datePublished\":\"2025-12-27T18:00:00+00:00\",\"dateModified\":\"2025-12-29T23:00:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\"},\"wordCount\":1064,\"publisher\":{\"@id\":\"https:\/\/techcrunch.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg\",\"keywords\":[\"Android\",\"Apple\",\"iPhone\",\"malware\",\"Spyware\",\"NSO Group\",\"Intellexa\",\"Paragon Solutions\",\"AccessNow\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\/\/techcrunch.com\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\",\"url\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\",\"name\":\"Meet the team that investigates when journalists and activists get hacked with government spyware | TechCrunch\",\"isPartOf\":{\"@id\":\"https:\/\/techcrunch.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg\",\"datePublished\":\"2025-12-27T18:00:00+00:00\",\"dateModified\":\"2025-12-29T23:00:09+00:00\",\"description\":\"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.\",\"breadcrumb\":{\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage\",\"url\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg\",\"contentUrl\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg\",\"width\":2400,\"height\":1350,\"caption\":\"The silhouette of a hand holding an iPhone with the light on. (Image: Clint Patterson\/Unsplash)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/techcrunch.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Meet the team that investigates when journalists and activists get hacked with government spyware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/techcrunch.com\/#website\",\"url\":\"https:\/\/techcrunch.com\/\",\"name\":\"TechCrunch\",\"description\":\"Startup and Technology News\",\"publisher\":{\"@id\":\"https:\/\/techcrunch.com\/#organization\"},\"alternateName\":\"TC\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/techcrunch.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/techcrunch.com\/#organization\",\"name\":\"TechCrunch\",\"alternateName\":\"TC\",\"url\":\"https:\/\/techcrunch.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/techcrunch.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2018\/04\/tc-logo-2018-square-reverse2x.png?resize=1200,1200\",\"contentUrl\":\"https:\/\/techcrunch.com\/wp-content\/uploads\/2018\/04\/tc-logo-2018-square-reverse2x.png?resize=1200,1200\",\"width\":1200,\"height\":1200,\"caption\":\"TechCrunch\"},\"image\":{\"@id\":\"https:\/\/techcrunch.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/techcrunch\",\"https:\/\/x.com\/TechCrunch\",\"https:\/\/mstdn.social\/@TechCrunch\",\"https:\/\/bsky.app\/profile\/techcrunch.com\",\"https:\/\/www.threads.net\/@techcrunch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/techcrunch.com\/#\/schema\/person\/ae6736172fc69d49ba9b3d836e93d029\",\"name\":\"Lorenzo Franceschi-Bicchierai\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/techcrunch.com\/#\/schema\/person\/image\/e5c2a45b56c8d08b18a46cf3571af0fc\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/675be9c00f9239b767b25cc470ba3878e035e319722e04170747562fd77e0d42?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/675be9c00f9239b767b25cc470ba3878e035e319722e04170747562fd77e0d42?s=96&d=identicon&r=g\",\"caption\":\"Lorenzo Franceschi-Bicchierai\"},\"url\":\"https:\/\/techcrunch.com\/author\/lorenzo-franceschi-bicchierai\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Meet the team that investigates when journalists and activists get hacked with government spyware | TechCrunch","description":"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","og_locale":"en_US","og_type":"article","og_title":"Meet the team that hunts government spyware","og_description":"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.","og_url":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","og_site_name":"TechCrunch","article_publisher":"https:\/\/www.facebook.com\/techcrunch","article_published_time":"2025-12-27T18:00:00+00:00","article_modified_time":"2025-12-29T23:00:09+00:00","og_image":[{"width":1200,"height":675,"url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg?resize=1200,675","type":"image\/jpeg"}],"author":"Lorenzo Franceschi-Bicchierai","twitter_card":"summary_large_image","twitter_creator":"@TechCrunch","twitter_site":"@TechCrunch","twitter_misc":{"Written by":"Lorenzo Franceschi-Bicchierai","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#article","isPartOf":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/"},"author":{"name":"Lorenzo Franceschi-Bicchierai","@id":"https:\/\/techcrunch.com\/#\/schema\/person\/ae6736172fc69d49ba9b3d836e93d029"},"headline":"Meet the team that investigates when journalists and activists get hacked with government spyware","datePublished":"2025-12-27T18:00:00+00:00","dateModified":"2025-12-29T23:00:09+00:00","mainEntityOfPage":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/"},"wordCount":1064,"publisher":{"@id":"https:\/\/techcrunch.com\/#organization"},"image":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage"},"thumbnailUrl":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg","keywords":["Android","Apple","iPhone","malware","Spyware","NSO Group","Intellexa","Paragon Solutions","AccessNow"],"articleSection":["Security"],"inLanguage":"en-US","copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/techcrunch.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","url":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","name":"Meet the team that investigates when journalists and activists get hacked with government spyware | TechCrunch","isPartOf":{"@id":"https:\/\/techcrunch.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage"},"image":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage"},"thumbnailUrl":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg","datePublished":"2025-12-27T18:00:00+00:00","dateModified":"2025-12-29T23:00:09+00:00","description":"For years, Access Now\u2019s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.","breadcrumb":{"@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#primaryimage","url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg","contentUrl":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg","width":2400,"height":1350,"caption":"The silhouette of a hand holding an iPhone with the light on. (Image: Clint Patterson\/Unsplash)"},{"@type":"BreadcrumbList","@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/techcrunch.com\/"},{"@type":"ListItem","position":2,"name":"Meet the team that investigates when journalists and activists get hacked with government spyware"}]},{"@type":"WebSite","@id":"https:\/\/techcrunch.com\/#website","url":"https:\/\/techcrunch.com\/","name":"TechCrunch","description":"Startup and Technology News","publisher":{"@id":"https:\/\/techcrunch.com\/#organization"},"alternateName":"TC","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/techcrunch.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/techcrunch.com\/#organization","name":"TechCrunch","alternateName":"TC","url":"https:\/\/techcrunch.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techcrunch.com\/#\/schema\/logo\/image\/","url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2018\/04\/tc-logo-2018-square-reverse2x.png?resize=1200,1200","contentUrl":"https:\/\/techcrunch.com\/wp-content\/uploads\/2018\/04\/tc-logo-2018-square-reverse2x.png?resize=1200,1200","width":1200,"height":1200,"caption":"TechCrunch"},"image":{"@id":"https:\/\/techcrunch.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/techcrunch","https:\/\/x.com\/TechCrunch","https:\/\/mstdn.social\/@TechCrunch","https:\/\/bsky.app\/profile\/techcrunch.com","https:\/\/www.threads.net\/@techcrunch"]},{"@type":"Person","@id":"https:\/\/techcrunch.com\/#\/schema\/person\/ae6736172fc69d49ba9b3d836e93d029","name":"Lorenzo Franceschi-Bicchierai","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techcrunch.com\/#\/schema\/person\/image\/e5c2a45b56c8d08b18a46cf3571af0fc","url":"https:\/\/secure.gravatar.com\/avatar\/675be9c00f9239b767b25cc470ba3878e035e319722e04170747562fd77e0d42?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/675be9c00f9239b767b25cc470ba3878e035e319722e04170747562fd77e0d42?s=96&d=identicon&r=g","caption":"Lorenzo Franceschi-Bicchierai"},"url":"https:\/\/techcrunch.com\/author\/lorenzo-franceschi-bicchierai\/"}]}},"parsely":{"version":"1.1.0","canonical_url":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","smart_links":{"inbound":0,"outbound":0},"traffic_boost_suggestions_count":0,"meta":{"@context":"https:\/\/schema.org","@type":"NewsArticle","headline":"Meet the team that investigates when journalists and activists get hacked with government spyware","url":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/","mainEntityOfPage":{"@type":"WebPage","@id":"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/"},"thumbnailUrl":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg?w=150","image":{"@type":"ImageObject","url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg"},"articleSection":"Security","author":[{"@type":"Person","name":"Lorenzo Franceschi-Bicchierai"}],"creator":["Lorenzo Franceschi-Bicchierai"],"publisher":{"@type":"Organization","name":"TechCrunch","logo":"https:\/\/techcrunch.com\/wp-content\/uploads\/2015\/02\/cropped-cropped-favicon-gradient.png"},"keywords":["android","apple","iphone","malware","spyware","nso group","intellexa","paragon solutions","accessnow"],"dateCreated":"2025-12-27T18:00:00Z","datePublished":"2025-12-27T18:00:00Z","dateModified":"2025-12-29T23:00:09Z"},"rendered":"<meta name=\"parsely-title\" content=\"Meet the team that investigates when journalists and activists get hacked with government spyware\" \/>\n<meta name=\"parsely-link\" content=\"https:\/\/techcrunch.com\/2025\/12\/27\/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware\/\" \/>\n<meta name=\"parsely-type\" content=\"post\" \/>\n<meta name=\"parsely-image-url\" content=\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg?w=150\" \/>\n<meta name=\"parsely-pub-date\" content=\"2025-12-27T18:00:00Z\" \/>\n<meta name=\"parsely-section\" content=\"Security\" \/>\n<meta name=\"parsely-tags\" content=\"android,apple,iphone,malware,spyware,nso group,intellexa,paragon solutions,accessnow\" \/>\n<meta name=\"parsely-author\" content=\"Lorenzo Franceschi-Bicchierai\" \/>","tracker_url":"https:\/\/cdn.parsely.com\/keys\/techcrunch.com\/p.js"},"jetpack_featured_media_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/12\/dark-iphone.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/posts\/3076051","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/users\/133574594"}],"replies":[{"embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/comments?post=3076051"}],"version-history":[{"count":5,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/posts\/3076051\/revisions"}],"predecessor-version":[{"id":3079269,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/posts\/3076051\/revisions\/3079269"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/media\/3078705"}],"wp:attachment":[{"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/media?parent=3076051"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/categories?post=3076051"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/tags?post=3076051"},{"taxonomy":"tc_region","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/tc_region?post=3076051"},{"taxonomy":"tc_event","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/tc_event?post=3076051"},{"taxonomy":"tc_storyline_tax","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/tc_storyline_tax?post=3076051"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/techcrunch.com\/wp-json\/wp\/v2\/coauthors?post=3076051"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}