Software from Israeli company NSO Group would be used to spy on journalists, activists and lawyers around the world, according to research by international media companies.

They found a list of 50,000 phone numbers of people who may have been hacked.

The program that does this is called Pegasus and has been controversial for years.

The list includes 180 journalists from

CNN

,

AP

,

The New York Times

and

Bloomberg

, among others

.

In addition, there are businessmen, human rights activists and hundreds of politicians and government employees.

The people on the list come from fifty different countries.

Those numbers were potential targets for governments using Pegasus.

It is not known whether all of them were hacked and for what purpose.

NSO does not agree with the outcome of the large-scale investigation.

A spokesperson told

The Verge

that the investigation is "full of false assumptions and unsubstantiated theories that cast doubt on the reliability and interests of the sources."

The company is also considering a libel lawsuit, because "these allegations are so outrageous and far from reality".

NSO claims to have good intentions with the software.

The company describes Pegasus as "technology that helps governments detect and investigate terrorism and crime to save thousands of lives".

In addition to governments, dozens of intelligence and investigation services worldwide also use NSO software.

NSO says it is only a seller of the software and does not know what governments and services do with it afterwards.

Still, the use of Pegasus is controversial.

The malware infects phones, after which almost everything can be read.

For example, the software can copy messages, browse photos and record conversations.

With all the information that the program collects, it is potentially possible to trace where the user has been and with whom there was contact.

It is getting more and more complicated to notice anything of a Pegasus infestation.

In 2016, when Pegasus was first discovered, users were infected by clicking on a link.

After that, the technology became more advanced.

The software nowadays makes extensive use of so-called

zero-day

vulnerabilities.

Those are holes in phone makers' operating systems that have not yet been discovered by them.

By exploiting these weaknesses, malware can be injected into phones without the user's knowledge.

This happened, for example, with WhatsApp in 2019. NSO software was then used to infect more than fourteen hundred phones, simply with a WhatsApp call to the target.

The conversation didn't even have to be recorded.

Very recently, Pegasus also reportedly exploited vulnerabilities in Apple's iMessage to gain access to iPhones. By entering pre-installed software on a phone, such as iMessage, there are immediately a huge number of potential targets to eavesdrop.