Apple notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unidentified attacker using a security code developed by the controversial Israeli company NSO, Reuters and the Washington Post reported. Group developed state-sponsored spyware.
The iPhones of at least 11 US embassy officials based in Uganda or focused on issues related to the country are said to have been hacked, and the identities of the intruders are still unknown.
The attacks, which occurred over the past few months, mark the first time such sophisticated surveillance software has been used against U.S. government employees.
NSO Group is the maker of Pegasus, the military-grade spyware that allows its government clients to secretly loot documents and photos, eavesdrop on conversations and track the whereabouts of victims. Pegasus uses a zero-click vulnerability sent through a messaging app to infect iPhone and Android devices without the target clicking a link or taking any other action, but it cannot handle U.S. phone numbers by default.
In response to the reports, NSO Group said it would investigate the matter and take legal action if necessary against customers who used its tools illegally, adding that it had suspended the "relevant accounts" due to the "serious nature of the allegations."
Notably, the company has long insisted on selling its products only to government law enforcement and intelligence customers to help monitor security threats and monitor terrorists and criminals. But evidence gathered over the years suggests the technology is being systematically abused to spy on human rights activists, journalists and politicians from Saudi Arabia, Bahrain, Morocco, Mexico and other countries.
NSO Group's actions came at a heavy cost, putting it in the crosshairs of the U.S. Commerce Department, which last month placed the company on an economic blacklist.
Separately, tech giants Apple and Meta have launched legal attacks against the company for illegally hacking its users by exploiting previously unknown security flaws in iOS and the end-to-end encrypted WhatsApp messaging service. Meanwhile, Apple also said it began sending threat notifications on November 23 to alert users it believed had been targeted by state-sponsored attackers.
Original article by CNCSO, if reproduced, please credit: https://cncso.com/en/diplomats-iphones-suspected-to-be-hacked-html