Obviously, not widespread and hopefully it won't become so. The people infected are largely in South Korea so perhaps it's China or even North Korea trying to steal information. It's quite insidious in its capabilities which are listed in the article. Unlike Pegasus, it gets on a phone by posing as a legitimate app.
https://arstechnica.com/gadgets/2021/11/1000-android-phones-found-infected-by-creepy-new-spyware/