Apple iPhones of at least nine US State Department employees were hacked by an unknown perpetrator using advanced spyware developed by Israel-based NSO Group, according to four people familiar with the matter. The hacks, which took place in the past few months, hit US officials who were either based in Uganda or focused on issues related to East African countries, two sources said.
The intrusion, first reported here, represents the most widely known hack of US officials through NSO technology. Previously, a list of numbers of potential targets, including some US officials, emerged in reporting on NSO, but it was not clear whether intrusions were always attempted or successful. Reuters was unable to determine who launched the latest cyberattack.
NSO Group said in a statement on Thursday that it had no indication that its tools were used, but that it would cancel access for the relevant customers and investigate based on the Reuters inquiry. “If the investigation reveals that these measures were actually taken with NSO’s tools, such customers will be permanently terminated and legal action will be taken,” said an NSO spokeswoman, adding that NSO “cooperates with relevant government authorities to provide the complete information we have.”
NSO has long stated that it sells its products only to government law enforcement and intelligence clients, helping them monitor security threats, and that it is not directly involved in monitoring operations. Officials from the Ugandan Embassy in Washington did not comment. An Apple spokeswoman declined to comment.
A State Department spokesperson declined to comment on the intrusion and instead pointed to the Commerce Department’s recent decision to put the Israeli company on the Entity List, which makes it difficult for U.S. companies to do business with it. NSO Group and another spyware company were added to the Entity List based on the decision that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businessmen, activists, scholars, and embassy workers, the Commerce Department said in a statement last month.
Easy to identify
NSO software can not only capture encrypted messages, photos and other sensitive information from infected phones, but also turn them into recording devices that monitor their surroundings, according to product manuals reviewed by Reuters.
Apple’s warning to affected users did not name the creator of the spyware used in this hack.
The victims notified by Apple included U.S. citizens and were easy to identify as U.S. government officials because they had associated email addresses ending in state.gov with their Apple IDs, the two sources said.
Other targets that Apple has notified in multiple countries were infected through the same graphics processing vulnerabilities, which Apple did not learn about and fix until September, the sources said.
Since at least February, this software flaw has allowed some NSO customers to take control of iPhones simply by sending an invisible but tainted iMessage request to the device, according to researchers investigating the spying campaign.
Victims do not need to see or interact with a prompt for the hack to succeed. A version of NSO's monitoring software, commonly known as Pegasus, can then be installed.
Apple’s announcement to notify victims came on the same day it sued NSO Group last week, accusing it of helping a number of customers break into Apple’s mobile software, iOS.
NSO has said publicly that its technology helps stop terrorism and that it has put in place controls to curb espionage against innocent targets.
For example, NSO says its intrusion system does not work on phones with US numbers beginning with the country code +1.
However, in the Uganda case, the targeted State Department employees were using iPhones registered with foreign phone numbers without the US country code, two sources said.
Uganda held an election this year amid reports of fraud, protests and a government crackdown. US officials have tried to meet with opposition leaders and have angered the Ugandan government. Reuters has no evidence that the hack was related to current events in Uganda.
A Biden administration official, speaking on condition of not being identified, said the threat to Americans abroad was one of the reasons the government is cracking down on companies such as NSO and pursuing new global discussions on limits to espionage.
The official added that the government has seen “systemic abuse” in several countries involving NSO’s Pegasus spyware.
“A company that allows customers to hack US government officials is a threat to US national security and should be treated as such,” said Senator Ron Wyden of the Senate Intelligence Committee.
Historically, NSO Group’s best-known clients have included Saudi Arabia, the United Arab Emirates, and Mexico.
The Israeli Ministry of Defense must approve export licenses before NSO, which has close ties to Israeli defense and intelligence agencies, can sell its technology internationally.
In a statement, the Israeli Embassy in Washington said targeting American officials would be a serious breach of its rules.
“Cyber products such as those mentioned above are supervised and licensed for export to the government only for counterterrorism and serious crime-related purposes,” said an embassy spokesperson. “A serious breach of these provisions.”
At least nine iPhones of US State Department officials hacked using NSO Group spyware