Washington / San Francisco: Apple Inc At least nine US State Department employees’ iPhones have been hacked by unknown perpetrators using sophisticated spyware developed by the Israel-based NSO Group.
Hacking, which has happened in the past few months, has hit US officials based in Uganda or focused on issues related to East African countries, two sources said.
The first reported intrusion here represents the most widely known hack of US officials through NSO technology. Previously, in the NSO https://www.washingtonpost.com/national-security/2021/07/19/us-phone-numbers-nso report, numbers with potential targets, including some U.S. officials. A list of was displayed, but it wasn’t. Clarify whether the intrusion was always attempted or successful.
Reuters was unable to determine who launched the latest cyberattack.
NSO Group said in a statement Thursday that it would cancel access to related customers and investigate based on Reuters inquiries, although there are no signs that the tool was used.
“If the investigation reveals that these measures were actually taken with NSO’s tools, such customers will be permanently terminated and legal action will be taken,” said an NSO spokeswoman. , NSO “cooperates with relevant government authorities to provide complete information. Information we have.”
NSO has long stated that it sells its products only to government law enforcement and intelligence clients, helping them monitor security threats and not being directly involved in monitoring operations. ..
Officials from the Ugandan Embassy in Washington did not comment. An Apple spokeswoman declined to comment.
A State Department spokesperson refused to comment on the intrusion and instead noted the Commerce Department’s recent decision to put an Israeli company on the entity list, which makes it difficult for U.S. companies to do business with them. ..
NSO Group and another spyware company have used this tool to develop spyware that maliciously targets government officials, journalists, businessmen, activists, scholars, and embassy workers, and foreign governments. Was added to the Entity List based on the decision to supply to. ” The Department of Commerce announced in its announcement https://www.commerce.gov/news/press-releases/2021/11/commerce-adds-nso-group-and-other-foreign-companies-entity-list#:~: Said text = NSO% 20Group% 20and% 20Candiru% 20 (Israel,% 2C% 20academics% 2C% 20and% 20embassy% 20workers last month.
Easy to identify
NSO software not only captures encrypted messages, photos and other sensitive information from infected phones, but also turns them into recording devices and monitors their surroundings based on product manuals reviewed by Reuters. I can do it.
Apple’s warning to affected users https://twitter.com/norbertmao/status/1463364241688305664 did not appoint the creator of the spyware used in this hack.
The victims reported by Apple included U.S. citizens and associated an email address ending in state.gov with their Apple ID, so they could easily identify them as U.S. government officials, the two said.
They and other targets notified by Apple in multiple countries https://www.reuters.com/technology/apple-warns-thai-activists-state-sponsored-attackers-may-have-targeted-iphones-2021- According to sources on 11-24, it was infected with the same graphics processing vulnerability that Apple did not learn and fix until September.
A flaw in this software has allowed some NSO customers to control their iPhones by simply sending an invisible but contaminated iMessage request to their device, according to researchers investigating spy campaigns, since at least February. It came to be.
Victims do not need to see or interact with prompts for a successful hack. You can then install a version of NSO monitoring software commonly known as Pegasus.
Apple’s announcement to notify victims https://www.apple.com/newsroom/2021/11/apple-sues-nso-group-to-curb-the-abuse-of-state-sponsored-spyware Last week NSO Group The day I sued https://www.reuters.com/technology/apple-files-lawsuit-against-nso-group-2021-11-23 Helping a large number of customers break into Apple’s mobile software iOS I blamed him.
The NSO has responded to the general public that the technology has helped stop terrorism and has put in place controls to curb espionage against innocent targets.
For example, according to NSO, intrusion systems do not work on phones with US numbers starting with country code +1.
However, in the case of Uganda, the target State Department employees were using iPhones registered with foreign phone numbers without a US country code, two sources said.
Uganda was involved in an election this year where irregularities were reported https://www.reuters.com/article/us-uganda-election/uganda-accuses-us-envoy-of-subversion-for-trying -to-visit-Candidate-id USKBN29O0FZ, protest https://www.reuters.com/world/ugandan-troops-block-us-ambassador-opposition-leaders-house-2021-01-19 and government crackdown. US officials have angered the Ugandan government and tried to meet with opposition leaders. Reuters has no evidence that the hack was related to the current events in Uganda.
One of the reasons Biden’s executives are threatening foreign Americans on the condition that their identities have not been identified, and that the government is cracking down on companies such as NSOs and conducting new global debates on espionage restrictions. Said that it was one.
Officials added that the government saw “systemic abuse” in several countries, including NSO’s Pegasus spyware.
“A company that allows customers to hack US government officials is a threat to US national security and should be treated as such,” said Senator Ron Wyden of the Senate Intelligence Committee.
Historically, NSO Group’s most famous past clients included Saudi Arabia, United Arab Emirates, and Mexico.
The Israeli Ministry of Defense needs to approve its export license in order to sell NSO technology, which is closely related to Israeli defense and intelligence agencies, internationally.
In a statement, the Israeli Embassy in Washington said targeting American officials would be a serious breach of the rule.
“Cyber products such as those mentioned above are supervised and licensed for export to the government only for counterterrorism and serious crime-related purposes,” said an embassy spokesperson. A serious breach of these provisions. “
US State Department phone hacked by Israeli company spyware
Source link US State Department phone hacked by Israeli company spyware