Introduction
Mobile phone spyware has emerged as a serious concern in both personal and national security contexts. This malicious software covertly monitors a victim’s smartphone activities – from calls and texts to location – all without their knowledge. Not all spyware is equal: some are “government-grade” tools designed for intelligence agencies, while others are off-the-shelf apps anyone can purchase. Criminal defense lawyers and investigators increasingly encounter such spyware in cases ranging from unlawful surveillance of spouses to high-profile hacking of journalists. In many instances, the perpetrator is someone known to the victim, aiming to harass or control them [1]. Yet victims often struggle to get timely help from authorities, as law enforcement must prioritize serious crimes over individual cyberstalking complaints [1]. This post provides an in-depth analysis of mobile spyware, comparing elite spyware like NSO Group’s Pegasus with commercially available spy apps, outlining tell-tale symptoms of infection, describing forensic detection techniques, and reviewing the legal consequences of illicit spyware use.
Spyware Comparisons
Not all spyware is created equal – some are sophisticated cyber-weapons sold to governments, while others are mass-market tools advertised for parental or employee monitoring. Below we compare government-grade spyware and popular commercial spyware, including typical costs and capabilities.
Government-Grade Spyware (Pegasus and similar)
Pegasus (NSO Group): Pegasus is a highly advanced spyware platform developed by Israel’s NSO Group and sold exclusively to government agencies [2]. It is designed for stealth and can infect a target phone without any action by the victim (“zero-click” exploits). Once implanted, Pegasus can read text messages, eavesdrop on calls, collect passwords, track location, access the microphone/camera, and harvest data from apps. These capabilities essentially give an attacker full control over the device [2]. Governments have allegedly used Pegasus to surveil not only criminals and terrorists (as NSO claims) but also journalists, lawyers, activists, and political opponents [2]. The cost of Pegasus reflects its extraordinary power and exclusivity – it is extremely expensive. A leaked price sheet showed NSO charged around $650,000 to infect 10 devices, on top of a $500,000 setup fee [3]. Additional targets cost hundreds of thousands more, meaning a government might spend millions for a larger surveillance operation. Newer Pegasus versions with zero-click exploits likely cost even more [3]. Other government-grade spyware tools (e.g. FinFisher/FinSpy or Candiru’s exploits) offer similar capabilities and price tags. They are tightly controlled – for instance, Pegasus sales require Israeli Defense Ministry approval – and are wielded as cyber weapons. Their use has sparked international controversy and debates about human rights and privacy.
Commercial Spyware (FlexiSPY, mSpy, etc.)
In contrast to Pegasus, commercial spyware apps are widely available to the public, relatively affordable, and commonly used in domestic or small-scale spying. Marketed under innocuous terms like “phone trackers” or “monitoring software,” these apps are often used by abusive partners, stalkers, or even overzealous employers under the guise of family or employee monitoring. Popular examples include FlexiSPY and mSpy:
-
FlexiSPY: This is one of the most powerful consumer-grade spy apps, offering a vast feature set. FlexiSPY can intercept and record live phone calls, turn on the phone’s microphone for ambient listening, access messages (SMS, email, chat apps), GPS location, photos, and more. It essentially “takes complete control of the device,” as the company boasts [4]. Such power comes at a high price for consumers: FlexiSPY’s top-tier “Extreme” package costs about $119 per month or $419 per year [5]. (Cheaper tiers with fewer features are available at ~$50–$79 per month.) Notably, on iPhones, FlexiSPY requires a jailbreak to unlock full capabilities, which can be a limiting factor on latest iOS devices [6]. Despite the hurdles, FlexiSPY is known for features like call spying that few others offer.
-
mSpy: In comparison, mSpy is a popular mainstream spy app often used for parental control. It focuses on core monitoring features – tracking call logs, SMS, instant messages (WhatsApp, Facebook, etc.), GPS location, and app usage – but does not intercept live calls or enable microphone/camera activation like FlexiSPY. mSpy prides itself on ease of use (no jailbreak needed for basic iCloud monitoring on iPhones) [6]. It’s also more affordable; an annual subscription is around $139 (roughly $11–$12 per month) [6]. This lower price-point and simpler feature set make mSpy accessible to a wider user base. There are many similar products in the commercial spyware market (Highster Mobile, Spyera, XNSPY, etc.), typically ranging from $30–$70 per month depending on features.
Key Differences: Government-grade spyware like Pegasus employs advanced zero-day exploits to silently infiltrate devices and is sold under strict contracts for law enforcement or intelligence only. Commercial spyware apps usually require physical access to the target device (or tricking the user into installing it) and may trigger security warnings. Their sophistication is lower – for example, they might be detectable by antivirus, and they often leave traces like background processes or increased data usage. However, commercial tools are far easier to obtain (anyone with a credit card can buy them) and can still be dangerously invasive. In summary, Pegasus is a “cyber weapon” costing hundreds of thousands of dollars with near-total stealth, whereas apps like FlexiSPY or mSpy cost on the order of a few hundred dollars and are used in domestic spying or low-level crimes. Both types, however, can land the spy and victim in serious situations – which is why understanding their symptoms and detection is crucial.
Symptoms of Spyware Infections
How can you tell if a mobile device is infected with spyware? Sophisticated spyware aims to remain hidden, but there are often noticeable symptoms that something is amiss. Both high-end and commercial spyware can produce similar signs as they secretly run on the phone. Key warning signs include:
-
Unusual Battery Drain: If your phone’s battery life suddenly drops significantly with no new apps or usage changes, it’s a red flag. Spyware running in the background consumes power to record activity and transmit data. A tapped phone often exhibits reduced battery performance even when idle [7]. In other words, if your battery is draining “while resting” for no reason, a hidden spy app could be working continuously in the background. An older battery can also lose capacity, but abrupt changes should be viewed with suspicion.
-
Overheating When Idle: Along with battery drain, an infected phone may run hotter than normal. Spyware can force the device’s processor and network radios to work overtime (for example, compressing and uploading recordings). If your phone feels warm even when you haven’t used it recently, it could be secretly transmitting data [7]. A phone should not be hot while idle; constant heat without heavy usage is often a tell-tale sign of malware activity.
-
Increased Data Usage: Spyware needs to send the collected information (messages, audio, GPS, etc.) out to whoever is spying. This can result in strange or unexplained spikes in your mobile data usage [8]. For instance, you might notice your monthly data usage report is much higher than usual, despite no change in your habits. Some sophisticated spyware tries to minimize data footprints, but a significant amount of stolen data (photos, call recordings) will inevitably show up on your data plan. Monitoring your data usage for anomalies – and checking which apps are consuming the data – can reveal suspicious activity.
-
Odd Text Messages or Notifications: An infected phone might receive weird SMS texts with gibberish characters or symbols. Many spyware apps are controlled via hidden text commands; for example, the spyware may receive a secret SMS instructing it to send back data. Normally these commands are silent, but glitches can make them visible as garbled texts [7]. Thus, if you start getting SMS messages of random numbers or symbols from unknown senders, it could be a spyware remote-control message “leaking” through. Likewise, if your phone is suddenly flashing notifications while in silent mode or at odd times (for things you don’t recognize), it warrants investigation [7].
-
Strange Phone Behavior: Be alert for general “haunted” behavior on your device. This can include the screen lighting up or the phone rebooting by itself when you’re not doing anything, apps opening or closing on their own, or the device being difficult to shut down properly. Frequent unexplained reboots might indicate the spyware is installing updates or struggling to remain hidden [7]. Another sign is if the phone takes a long time to power off – it may be finalizing data uploads before shutting down. Any consistent unexplained behavior (especially after a suspected time of infection) should raise suspicions.
-
Microphone or Camera Activation: Modern phone operating systems (Android and iOS) will show an indicator light or icon when the microphone or camera is active. If you notice these indicators turning on at odd times (when you’re not using any app that should access them), it may mean spyware is recording you. For instance, seeing the camera “dot” blink on and off randomly could mean a spy app is capturing video or sound in the background [9]. Similarly, hearing unexpected clicking or static noises during voice calls can be a classic sign of phone tapping – though occasional noise could be just a bad connection, persistent audio anomalies should not be ignored [10].
-
Unknown Apps or Configuration Changes: Some spyware disguises itself as a harmless system app or tries to hide entirely. Still, it’s worth checking your installed apps list for anything unfamiliar. If you find an app you don’t remember installing (especially with a generic name like “System Services” or something odd), it could be the spyware in hiding [7]. On Android, also check if any app has Device Administrator rights that you didn’t grant. On iPhones, if you suddenly see a new profile in Settings or the device is jailbroken without your knowledge, that’s a huge warning sign (since powerful spyware often requires a jailbreak). Essentially, any sign of tampering with the device’s normal state – unknown apps, new settings, disabled security features – can indicate malware.
No single symptom above confirms a spyware infection, but a combination of these signs strengthens the case that a device is compromised. A smartphone exhibiting several of these behaviors at once – for example, battery draining quickly, heating up, and weird texts arriving – should be investigated for spyware. Staying alert to these symptoms can prompt quicker action to verify and remove the spyware.
Forensic Techniques for Detection
Detecting spyware on a mobile device can be challenging, especially with well-engineered spyware that tries to erase its traces. However, forensic experts (and even tech-savvy individuals) have developed techniques to uncover these hidden intruders. The approaches range from basic device checks to advanced deep-dive analysis, and they vary based on the resources available – independent investigators may rely on different methods than high-end law enforcement labs. Here we outline how spyware is detected:
Basic Device Scans and User-Level Checks
An initial step is a thorough manual inspection of the device’s software and behavior. Investigators (or users) will review the installed apps, running processes, and settings for anomalies. As mentioned, discovering an unfamiliar app or an app asking for excessive permissions is a red flag. On Android, one can use the Settings > Apps or specialized utilities to list all packages (including hidden ones) and remove any suspicious software [7] after preserving the evidence. Security software can help as well – reputable mobile antivirus or anti-spyware tools (like Norton, Kaspersky, etc.) can scan for known spyware signatures and occasionally detect stalkerware that the user missed. Another basic technique is analyzing network traffic: by monitoring the data connections from the phone (via a proxy or router logs), an investigator might spot connections to known spyware servers or unusually large data transmissions at odd hours. While these user-level methods may catch common commercial spyware, more stealthy programs require deeper forensic analysis.
Independent Digital Forensic Analysis
Independent digital forensic investigators have access to more advanced tools and techniques short of full law enforcement resources. One key approach is to take a complete backup or image of the device and analyze it offline. For example, Amnesty International’s Security Lab released an open-source Mobile Verification Toolkit (MVT) specifically to help examine smartphones for spyware indicators [11]. With MVT, an investigator can input an iOS or Android full backup and the toolkit will scan logs, configuration files, messages, and other data for known traces of spyware (such as Pegasus). This was instrumental in uncovering Pegasus infections; Amnesty’s forensic methodology showed that even Pegasus – which claimed to “leave no traces” – does leave artifacts that can be identified [12]. These artifacts might include suspicious domain addresses in system logs, odd process crash reports, or remnants of the spyware installer. An investigator can also use general mobile forensic software (like Oxygen Forensic Detective or Magnet AXIOM) to parse a phone’s file system and look for indicators: for instance, unusual files in system folders, or known code signatures of commercial spyware. Independent experts sometimes perform a full file-system extraction of a phone to ensure no part of the storage is missed [13]. They will compare the device’s state against known-clean baselines, spotting differences that could be malware. In practice, independent forensic analysts do much of what law enforcement does – examine files, running processes, network logs, and so on – but they might be limited by not having proprietary unlocking tools for encrypted devices. Still, with creativity and tools like MVT, they can often confirm the presence of spyware on a device without needing a police lab. This kind of work is often done for victims who cannot get law enforcement help, or by defense experts reviewing digital evidence in a case.
High-End Law Enforcement Tools
At the top end, law enforcement agencies (and some large private labs) have specialized forensic hardware and software to detect spyware. One commonly used toolset is Cellebrite UFED (Universal Forensic Extraction Device), which is an industry-standard device for extracting data from mobile phones. Cellebrite and similar systems can pull data even from locked or damaged phones in some cases, and then produce a report of all that data. While tools like Cellebrite are often discussed in the context of retrieving evidence (texts, photos, etc.), they are equally useful in uncovering spyware: by performing a low-level extraction of everything on the phone, forensic examiners can comb through the file system for hidden spyware components that a normal user wouldn’t see. Cellebrite’s Physical Analyzer or equivalent software can highlight suspicious apps or processes running on the device. Additionally, agencies like the FBI or state cyber labs maintain databases of known spyware hashes and behaviors – when they analyze a phone dump, they can automatically compare against those databases to identify any match to known spyware (much like antivirus). Law enforcement also has access to carrier records and cloud data: for instance, if spyware exfiltrated data, investigators might subpoena server logs or cloud backups which could reveal connections to a spyware server. In cases of government-grade spyware like Pegasus, detecting it might involve collaboration with experts (such as Citizen Lab or private cybersecurity firms) who are continually researching new exploits. In fact, the discovery of Pegasus infections has often involved a combination of local forensic extraction and remote analysis by specialists, using indicators of compromise published by security researchers [12]. High-end tools can even scan memory and perform dynamic analysis – meaning if the spyware is running, they can observe its behavior in real time using sandbox techniques when possible.
Forensic Indicators: Regardless of who is performing the analysis, some common forensic indicators of spyware include: the presence of known spyware files or packages, unusual modifications to system settings (like a disabled security feature or an enabled “developer mode” that the user didn’t turn on), suspicious outgoing network connections (especially to servers or IPs flagged in threat databases), and any evidence of exploitation (for example, on iPhones, investigators might find records of crashed services or error logs that coincide with known Pegasus attack patterns). Even sophisticated spyware leaves footprints – the key is knowing where to look. Investigators sometimes compare the timeline of a device’s activity with a suspect’s behavior; for example, if at a certain date/time the target started experiencing issues (battery drain, etc.), the forensic expert will zero in on any new software or configuration changes around that timestamp in the device’s logs or install history.
In summary, detecting mobile spyware requires a mix of vigilant observation and technical sleuthing. The level of effort depends on the spyware’s sophistication: a cheap spyware app might be uncovered by a simple scan and manual removal, whereas a nation-state tool like Pegasus might demand a full forensic workflow to identify. Either way, the goal is to bring the spyware to light, preserve the evidence, and then safely remove it from the device.
Legal Consequences of Illicit Spyware Use
Deploying spyware on someone’s phone without authorization isn’t just unethical – it’s often highly illegal. In the United States, both federal and state laws address electronic spying, and violations can lead to severe criminal penalties as well as civil liability. Below, we outline the major legal repercussions under U.S. law, and touch on international perspectives.
U.S. Federal Law
Several federal statutes make clandestine phone spying a crime. The primary law is the Electronic Communications Privacy Act (ECPA), which includes the Wiretap Act and the Stored Communications Act (SCA). Under the ECPA, it is illegal to intercept or access someone’s communications without consent [14]. This means installing spyware to grab texts, emails, or recordings is squarely prohibited. In fact, federal law explicitly forbids intentionally intercepting “any wire, oral, or electronic communication” by using an electronic device (which covers phone calls and messages) [14]. A person who does this – for example, a spouse secretly cloning their partner’s texts via a spy app – can face harsh consequences. The law provides for both criminal charges and a private right of action for the victim. Criminally, unauthorized interception or installation of spyware can be a felony: as one legal guide notes, a spying spouse could be sentenced to up to five years in prison for such a violation [15]. Another relevant federal law is the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. §1030, which prohibits unauthorized access to computers. Smartphones are considered “protected computers” under this law. Thus, hacking into someone’s phone with spyware may also be charged as a CFAA violation – which carries penalties ranging from fines and a year in prison for minor cases up to 10-20 years for serious offenses (especially if done for fraud or if it causes significant harm) [16]. In practice, federal prosecutors have used a combination of ECPA and CFAA to go after egregious spyware incidents, particularly when interstate or multiple victims are involved (since these are federal jurisdiction triggers). Additionally, if the spyware was used to stalk or harass someone across state lines, the conduct might implicate federal stalking or cyberstalking statutes as well.
State Laws
Beyond federal law, every U.S. state has its own laws that can apply to spyware use. Many states have electronic privacy or anti-wiretapping laws that mirror or add to the federal Wiretap Act. For instance, in Washington State, there is a specific spyware statute: RCW 19.270.020 explicitly makes it illegal to install spyware on someone else’s device without consent [15]. A person violating this law can face criminal charges and be sued civilly by the victim. Other states may not have a dedicated “spyware” statute by name, but they enforce such conduct under broader laws on unlawful interception, invasion of privacy, computer crimes, or even peeping tom/eavesdropping laws. States also differ on consent requirements for recording calls – in “two-party consent” states (like California), recording a call without all parties’ consent is illegal, which would make features like call recording via spyware doubly unlawful. In a domestic context, a spouse installing spyware could also run afoul of harassment or stalking laws at the state level. Penalties vary by state but often include misdemeanors or felonies with potential jail time, especially if audio interception is involved (many states treat secret audio recording very seriously). Importantly, evidence obtained through illegal spyware is typically inadmissible in court. For example, if a husband installed a spy app and gathered evidence of his wife’s chats, a family court will likely refuse to consider that evidence once it’s revealed it was collected unlawfully. The husband could instead end up facing charges himself. State judges have little tolerance for self-help surveillance that violates privacy laws.
Civil Lawsuits
Victims of spyware can pursue civil remedies as well. Under federal law (ECPA), a victim can sue the offender for damages – including statutory damages (set amounts per violation) and punitive damages for willful conduct. Some states also allow civil suits for invasion of privacy. In many cases, courts have awarded victims compensation from offenders who spied on them illegally. For instance, in the scenario of a spying spouse, the court may order the offender to pay monetary damages for each day the spyware was used. Civil liability provides an avenue for victims to be made whole (financially) and acts as a deterrent by hitting offenders in the wallet. Moreover, if the offender is a company (e.g., an employer who illegally spied on an employee’s device), civil penalties can be steep and class-action suits can arise if multiple people were affected. The Federal Trade Commission (FTC) has also taken action against spyware companies in the past for facilitating illegal surveillance, sometimes resulting in settlements or orders that bolster victims’ rights.
International Perspective
Around the world, laws similarly prohibit unauthorized surveillance, though enforcement and specifics vary. In the EU, using spyware against someone would violate fundamental privacy rights and data protection laws (such as GDPR, if personal data is collected). European countries treat the secret monitoring of communications as a criminal offense under their national laws and the European Convention on Human Rights (Article 8 – right to privacy). There have been high-profile cases in countries like Germany, France, and India dealing with spyware abuse. Internationally, the proliferation of government-grade spyware like Pegasus has prompted serious backlash. In 2021, the United States Commerce Department blacklisted NSO Group (Pegasus’s creator) on its export Entity List due to evidence that Pegasus was used by foreign governments to target journalists, activists and officials – a human rights abuse concern [17]. This effectively sanctioned the company, making it illegal for U.S. entities to do business with them without a license. Similarly, the EU Parliament launched inquiries into Pegasus use within European countries, and lawsuits have been filed against NSO Group by tech companies and activists. While spies and governments operate in a murky legal space, international law is coalescing around the principle that such spyware should only be used in lawful investigations (if at all), and its misuse is a violation of human rights. Companies that create or facilitate spyware face reputational damage and legal action across borders – for example, spyware vendors have been sued in multiple jurisdictions for enabling illegal interception.
In summary, the legal consequences for illicit spyware use are severe. On the criminal side, a person can face felony charges, years of imprisonment, and fines under federal and state laws. On the civil side, they can be sued for significant damages and will have any “fruit of the poison tree” (illegitimately obtained evidence) tossed out of court. For defense attorneys, this is crucial: if prosecution or opposing counsel ever tries to introduce evidence derived from spyware, one can move to suppress it and potentially have the spyware’s user (even if it’s the plaintiff or a private investigator) subject to legal repercussions. For investigators, it’s a reminder to always stay on the right side of the law when gathering digital evidence – use court orders and legal methods, not DIY spyware. And for anyone tempted to “spy” on someone’s phone without consent, the bottom line is clear: it’s illegal and prosecutable in most circumstances, with few exceptions (e.g. a parent monitoring their minor child is generally allowed, or law enforcement with a warrant). The law values privacy highly, and as cases of spyware abuse come to light, courts are increasingly willing to make examples of offenders to underscore that point.
Conclusion
Mobile spyware presents a dual threat: highly sophisticated tools like Pegasus imperil the privacy of even the most security-conscious individuals, while cheap spyware apps enable average people to become illicit snoops. For criminal defense lawyers and professional investigators, understanding this landscape is vital. We’ve seen how government-grade spyware differs from commercial stalkerware in cost and capability – from million-dollar zero-click exploits to $50/month phone trackers – yet both can wreak havoc on victims’ lives. We’ve outlined the tell-tale signs a phone may be compromised, such as sudden battery drain, unexplained data use, or strange texts and behaviors. We’ve also explored how to confirm those suspicions through forensic techniques: whether it’s a private expert using the Mobile Verification Toolkit on a device backup or law enforcement using Cellebrite to pull every byte from a phone, spyware can be unmasked. Crucially, we’ve addressed the legal fallout – deploying spyware can lead to serious criminal charges, civil lawsuits, and evidentiary sanctions, under an array of U.S. laws designed to protect privacy.
For defense attorneys, this knowledge has practical application. In cases where a client is accused of illicit surveillance, understanding the technology can help in challenging the evidence or the prosecution’s narrative (for example, questioning if forensic analyses followed proper protocol to actually prove a defendant installed spyware). Conversely, if defending a victim of spyware, an attorney can work with forensic experts to gather admissible proof of the spying (device logs, etc.) and use the law to seek justice against the perpetrator. Investigators, too, must stay abreast of spyware trends to effectively assist in such cases – knowing which tools can detect the latest spyware, and how to preserve digital evidence of it, is now part of the trade.
Ultimately, mobile spyware underscores the cat-and-mouse dynamic of digital forensics and law: as spying methods evolve, so do detection techniques and legal frameworks. The key takeaway for professionals is to remain vigilant and informed. An infected phone can upend personal privacy and legal proceedings, but with the right expertise, one can detect, prove, and address spyware intrusion. Stay calm and methodical when confronting a potential phone hack – the evidence can be found and the law is on the side of the victim. By combining technical know-how with legal tools, defense lawyers and investigators can turn the tables on those who abuse spyware, ensuring they face the consequences of their digital wrongdoing.
References
[1] K. G. Hartman, "Help! My phone has been hacked!," Lucid Truth Technologies, Jan. 20, 2025. Available: https://lucidtruthtechnologies.com/help-my-phone-has-been-hacked/. [Accessed: Feb. 2025].
[2] "Pegasus (spyware)," Wikipedia, The Free Encyclopedia. Available: https://en.wikipedia.org/wiki/Pegasus_(spyware). [Accessed: Feb. 2025].
[3] R. S. Sharma, "Pegasus snooping: How costly is the Israeli spyware?," The Times of India, Jul. 31, 2021. Available: https://timesofindia.indiatimes.com/business/india-business/pegasus-snooping-how-costly-is-the-israeli-spyware/articleshow/84893498.cms. [Accessed: Feb. 2025].
[4] "FlexiSPY – The Most Powerful Spyware," FlexiSPY. Available: https://www.flexispy.com/. [Accessed: Feb. 2025].
[5] "FlexiSPY Review 2024: Does This Spy App Work?," MoniMaster, Jan. 2024. Available: https://www.monimaster.com/reviews/flexispy-reviews/. [Accessed: Feb. 2025].
[6] "FlexiSPY vs. mSpy – Which Is the Best Spy App?," mSpy. Available: https://www.mspy.com/flexispy.html. [Accessed: Feb. 6, 2025].
[7] "How to tell if your cell phone is tracked, tapped, or monitored by spy software," Norton, May 9, 2023. Available: https://us.norton.com/blog/privacy/how-to-tell-if-your-cell-phone-is-tracked-tapped-or-monitored-by-spy-software. [Accessed: Feb. 2025].
[8] "Is someone spying on my phone? Signs to look for," Surfshark, Aug. 1, 2023. Available: https://surfshark.com/blog/is-someone-spying-on-my-phone. [Accessed: Feb. 6, 2025].
[9] A. Trevino, "How To Tell if Spyware Is on Your Phone and How to Remove It," Keeper Security, Feb. 9, 2024. Available: https://www.keepersecurity.com/blog/2024/02/09/how-to-tell-if-spyware-is-on-your-phone-and-how-to-remove-it/. [Accessed: Feb. 2025].
[10] O. Buxton, "How to Tell If Your Phone Is Being Tapped: 10 Warning Signs," AVG, Apr. 5, 2023. Available: https://www.avg.com/en/signal/number-to-dial-to-see-if-your-phone-is-tapped. [Accessed: Feb. 6, 2025].
[11] A. Stefanescu, "Fellowship: MVT-Companion – making forensics more accessible," Amnesty International Security Lab, Sep. 21, 2023. Available: https://securitylab.amnesty.org/latest/2023/09/fellowship-mvt-companion-making-forensics-more-accessible/. [Accessed: Feb. 2025].
[12] C. Guarnieri, "Forensic Methodology Report: How to catch NSO Group's Pegasus," Amnesty International, Jul. 18, 2021. Available: https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/. [Accessed: Feb. 2025].
[13] K. G. Hartman, "Understanding Mobile Device Extractions: A Lawyer's Guide," Lucid Truth Technologies, Jan. 20, 2025. Available: https://lucidtruthtechnologies.com/mobile-device-extraction-guide-for-lawyers/. [Accessed: Feb. 6, 2025].
[14] J. Montague, "Spyware Laws Unveiled: A Guide to Legal and Illegal Uses," Montague Law. Available: https://montague.law/blog/spyware-laws/. [Accessed: Feb. 6, 2025].
[15] "Spousal Spying in Washington Divorce," Weintraub Law Office, Aug. 26, 2015. Available: https://www.weintraub-law.com/blog/spousal-spying-in-washington-divorce/. [Accessed: Feb. 6, 2025].
[16] "Computer Hacking Charges – 18 USC § 1030," Eisner Gorin LLP. Available: https://www.egattorneys.com/federal-computer-hacking. [Accessed: Feb. 6, 2025].
[17] "Commerce Adds NSO Group and Other Foreign Companies to Entity List for Malicious Cyber Activities," U.S. Department of Commerce, Nov. 3, 2021. Available: https://www.commerce.gov/news/press-releases/2021/11/commerce-adds-nso-group-and-other-foreign-companies-entity-list. [Accessed: Feb. 6, 2025].
