iPhones Have Been Hacked by NSO Group Spyware: the largest known breach of US officials through NSO Group technology.
According to four persons familiar with the situation, at least nine US State Department workers’ Apple iPhones were hacked by an unknown adversary using sophisticated spyware manufactured by Israel-based NSO Group.
The breaches, which occurred in the previous several months, targeted US officials who were either located in Uganda or engaged on issues impacting the East African country, according to two of the people.
The attacks, which were first reported by Reuters, are the most extensive known hacking of US officials using NSO technology. Previously, a list of numbers of prospective targets that included certain American leaders appeared in reporting on NSO, although it was unclear if incursions were always attempted or successful.
Reuters was unable to identify who was behind the most recent hacks.
NSO Group said in a statement on Thursday that it had no evidence that its tools had been used, but that it had revoked access for the affected clients and that it would investigate based on the Reuters investigation.
“If our investigation shall show these actions indeed happened with NSO’s tools, such customer will be terminated permanently and legal actions will take place,” said an NSO spokesperson, who added that NSO will also “cooperate with any relevant government authority and present the full information we will have.”
NSO has always said that it exclusively sells its products to government law enforcement and intelligence clients to assist them in monitoring security concerns and that it is not involved in surveillance activities.
Uganda’s embassy in Washington did not respond to a request for comment. Apple declined to comment through a representative.
A State Department spokesman declined to comment on the incursions, instead referring to the Commerce Department’s recent decision to put the Israeli corporation on an entity list, making it more difficult for American companies to do business with them.
The Commerce Department said in a statement last month that NSO Group and another spyware company were “added to the Entity List based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.”
Simple to identify.
According to product manuals seen by Reuters, NSO software may not only capture encrypted messages, images, and other sensitive information from infected phones but also transform them into recording devices to watch the environment.
The developer of the malware employed in this breach was not named in Apple’s advisory to impacted consumers.
According to two of the persons who were alerted by Apple, the victims included American residents who were immediately recognisable as U.S. government officials since their Apple IDs were linked to email addresses ending in state.gov.
They and other targets notified by Apple in multiple countries were infected through the same graphics processing vulnerability that Apple did not learn about and fix until September, according to the sources.
According to experts who researched the espionage effort, this software issue has allowed certain NSO clients to gain control of iPhones since at least February by sending invisible but contaminated iMessage requests to the device.
For the hack to succeed, the victims would not need to see or engage with a prompt. NSO surveillance software, popularly referred to as Pegasus, may then be deployed.
Apple made the news on the same day it sued NSO Group last week, accusing it of assisting several clients in breaking into Apple’s mobile software, iOS.
In a public statement, NSO stated that its technology aids in the prevention of terrorism and that it has implemented procedures to prevent snooping on innocent people.
NSO, for example, claims that its infiltration system won’t operate on iPhones whose numbers start with the United States country code +1.
According to two of the individuals, the targeted State Department officials in Uganda were using iPhones with foreign phone numbers and no U.S. country code.
This year, Uganda has been shaken by an election plagued by alleged irregularities, demonstrations, and a government crackdown. The Ugandan administration has reacted angrily to attempts by US diplomats to meet with opposition leaders. There is no proof that the breaches were linked to current events in Uganda, according to Reuters.
This is one of the reasons the government is clamping down on corporations like NSO and seeking new worldwide discussions about eavesdropping limitations, according to a senior Biden administration official who spoke on the condition of anonymity.
The official went on to say that the government has observed “chronic exploitation” of NSO’s Pegasus malware in various nations.
Senator Ron Wyden of Oregon, a member of the Senate Intelligence Committee, stated: “Companies that enable their customers to hack U.S. government employees are a threat to America’s national security and should be treated as such.”
Saudi Arabia, the United Arab Emirates, and Mexico were among NSO Group’s most well-known prior clients.
For NSO to market its technology worldwide, the Israeli Ministry of Defense must authorise its export permits. NSO has deep links to Israel’s defence and intelligence communities.
The Israeli embassy in Washington issued a statement saying that targeting American officials would be a major violation of its norms.
“Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes,” an embassy spokesperson said. “The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions.”