According to a Reuters report, at least nine US State Department officials working in or with Uganda had their iPhones hijacked by NSO Group malware. The Wall Street Journal has confirmed the allegation, stating that 11 US and Ugandan embassy employees were hacked.
While the perpetrators of the attacks are unknown, NSO Group claims that it only distributes its software to government groups that have received Israeli government permission.
According to NSO, its malware is unable to target US phone numbers (those with a country code of +1). This episode doesn’t appear to disprove that claim; according to Reuters, the people targeted were State Department workers who were using international phone numbers.
Nonetheless, the devices were utilised for official State Department work, raising the possibility that NSO is now involved in a US espionage operation.
The attacks, according to Reuters, occurred “in the last six months.”
The Pegasus spyware from NSO is capable of remotely logging data from an infected iOS or Android smartphone, as well as turning on a phone’s microphones or cameras without being detected.
It can also infect phones via a “zero-click” assault, in which malware is deployed without the target clicking a link or taking any other action.
Pegasus isn’t supposed to leave any traces, but investigators have devised various methods for determining whether or not a phone has been hacked by it. You can learn more about it in our explainer, which delves into media investigations into governments’ use of it to target journalists, politicians, and activists.
Before selling its software to another government entity, NSO, based in Israel, must obtain approval from the Israeli Ministry of Defense. Shalev Hulio, a co-founder of NSO, has stated that the company has no idea who its clients are spying on using their software.
Clients that use Pegasus on off-limits targets will be investigated, and if evidence of abuse is found, the client’s access to the software will be revoked.
According to Reuters, an NSO representative said the business will look into the accusations, and the Israeli embassy said a government using Pegasus to target US officials would be a “gross violation” of the company’s licencing agreements.
The United States has added NSO to its list of entities, imposing tight limits on American corporations’ ability to sell their goods or services to the organisation.
Apple filed a complaint against NSO Group in the private sector, alleging that the corporation violated Apple’s terms of service by creating over a hundred iCloud accounts in order to deliver malicious data via iMessage.
Apple claims that has patched the precise vulnerability used by NSO to install Pegasus with iOS 14.8 and that it introduced further defences in iOS 15, which it claims has yet to be breached by Pegasus.
Apple said it will warn consumers who had been targeted by a state-sponsored surveillance programme when it announced its lawsuit. Norbert Mao, a Ugandan politician, tweeted in November that he had received one of the notifications. According to the Wall Street Journal, these notifications were also received by US officials.
According to reports, the US administration is collaborating with other countries to prevent surveillance technology and methods from being sold to authoritarian regimes.
The initiative will centre on export limitations, according to The Wall Street Journal, and will most likely be announced during the Summit for Democracy, which begins on December 9th.