Nine US State Department officials had their iPhones remotely hacked by spyware from controversial firm NSO Group, according to reports.
Four people familiar with the matter told Reuters that the Israel developer’s Pegasus malware was used to snoop on the US government victims over the past few months. Although the identity of the hacker(s) is unknown, the targeted staffers were either based in Uganda or working on projects concerning the African country.
They were apparently notified by Apple as part of a wider effort to contact global customers whose devices had been compromised by the NSO-developed “ForcedEntry” exploit. It enabled attackers to remotely hijack smartphones and install Pegasus without any need for user interaction. Apple is also suing NSO Group in a bid to hold it accountable for the actions of some unscrupulous clients.
NSO Group said in a statement that it “shut down all the customers potentially relevant to this case,” while it investigates further.
It appears that the individuals were able to be compromised in this incident because they were using phones not registered in the US.
“We emphasize that the Pegasus software is installed based on phone numbers only, and the tools are incapable of being installed on US (+1) numbers. This case doesn’t involve US phone numbers, and the company had no way to know who the persons monitored by our customers were,” the NSO Group statement continued.
“If the allegations turn out to be true, they are a blunt violation of all commitments and agreements that company has with its customers, and the company will take legal action against these customers.”
Last month, the Treasury put NSO Group on its Entity List — an export blacklist that will make it harder for the firm to get hold of American components or work with US partners.