The iPhones of at least nine US state department officials were recently hacked by a government using NSO Group spyware, Reuters reported on Saturday, quoting four unidentified officials in the knowledge of the matter.
Reuters said it could not determine which NSO client was behind the attack.
The claim, which was reported by Reuters, comes just weeks after the Biden administration placed NSO on a US blacklist and said the surveillance company acted “contrary to the foreign policy and national security interests of the US”.
The employees, who used Apple’s iPhones, were either based in Uganda or worked on matters related to the African country, according to the report.
These are the largest reported hacks targeting US officials using the Pegasus spyware, according to Reuters.
The intrusions, first reported by Reuters, have also been confirmed by unidentified officials speaking to AP and CNN.
According to a report in The Wall Street Journal, Apple has notified 11 US State Department employees in Uganda that their iPhones were hacked.
Pegasus is military-grade spyware that is sold only to vetted governments.
The US citizens, whose phones were infiltrated, were identified as government officials as their email addresses, which ended in “state.gov”, had been linked with their Apple IDs, two officials told Reuters.
The revelation that US officials had been targeted using Pegasus came days after Apple sued the NSO Group. The American technology firm alleged that NSO Group and its clients conducted highly-targeted cyberattacks, allowing them access to cameras, microphones, sensitive data on Apple and Android devices.
In response to the Reuters story, NSO group has released a statement as below:
We have committed before that once there is a suspicion that a customer misuses the technology sold by NSO, the company will investigate and will terminate the contract if found true.
Last night, following an inquiry we received alleging Ugandan phone numbers used by US government officials were hacked, we immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation.
This termination took place despite the fact that there is no indication the phones were targeted by NSO’s technology. The claims of all involved parties specifically mentioned there is no indication, let alone proof, that it was NSO’s tools that were used by these customers.
We emphasize that the Pegasus software is installed based on phone numbers only, and the tools are incapable of being installed on US (+1) numbers. This case doesn’t involve US phone numbers, and the company had no way to know who the persons monitored by our customers were.
If the allegations turn out to be true, they are a blunt violation of all commitments and agreements that company has with its customers, and the company will take legal action against these customers.
A global media for the latest news, entertainment, music fashion, and more.
