In recent years, the use of commercial spyware has increased significantly, with a wider range of actors deploying it against various targets. However, the prevailing belief has been that this type of malware is only used in targeted attacks against a small number of individuals. This has made it difficult for people to check their devices for infection, leading to a reliance on academic institutions and NGOs for forensic techniques to detect mobile spyware. However, a new spyware detection feature launched by mobile device security firm iVerify has shed light on the prevalence of this type of malware. Out of 2,500 device scans submitted for inspection, seven were found to be infected with the notorious NSO Group malware known as Pegasus. This discovery has challenged the narrative that spyware is only used against journalists and activists, as the infected devices belonged to business leaders, government officials, and individuals in commercial enterprises. While seven out of 2,500 may seem like a small number, it highlights the widespread use of spyware around the world. The availability of an easy-to-use tool for detecting spyware compromises may provide a more accurate picture of its usage. NSO Group, the company behind Pegasus, claims to only sell its products to vetted US and Israel-allied intelligence and law enforcement agencies.