It has been revealed that NSO Group’s Pegasus malware was used to spy on U.S. government officials over the past few months.
The iPhones of 9 U.S. state department officials were targeted with surveillance software. The officials were either in Uganda or working on projects linked to Uganda. The perpetrators of the attack are yet to be identified.
Unknown Assailant Successfully Targets U.S. Officials
According to a report published by Reuters, an unknown actor targeted the phones of 9 U.S. State department officials using spyware developed by the Israeli NSO Group.
“Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter. The intrusions, first reported here, represent the widest known hacks of U.S. officials through NSO technology,” Reuters report read.
Reportedly, NSO Group’s Pegasus malware was used to spy on U.S. government officials over the past few months.
Apple Sues NSO Group
As per Reuters, the victims of the hacking were notified by Apple Inc. The company was in the process of contacting its global customers whose phones had been compromised using the NSO-developed ForcedEntry exploit. This exploit allowed attackers to hijack iPhones remotely and install Pegasus spyware without requiring user input or interaction.
Apple sued NSO Group in November to hold it accountable for the trouble it’s developed Pegasus spyware has caused Apple’s clients and aims to prevent NSO Group’s tools/software from targeting its customers permanently. Apple’s notification read:
“Apple today filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices.”
NSO Group’s Response
The NSO Group claims to have shut down all the customers relevant to this case and is investigating the incident. In its statement, the company noted that the hijacking was successful because the affected individuals were using phones that weren’t registered in the USA.
“We emphasize that the Pegasus software is installed based on phone numbers only, and the tools are incapable of being installed on U.S. (+1) numbers. This case doesn’t involve U.S. phone numbers, and the company had no way to know who the persons monitored by our customers were,” the company’s statement read.
NSO Group also stated that if these allegations are legit, they are a “blunt violation of all commitments and agreements that company has with its customers, and the company will take legal action against these customers.”
The company says that it isn’t aware of the tools attackers used and that once the surveillance spyware is sold to a client, the company cannot track its targets. NSO Group vows to terminate such clients permanently.
“If our investigation shall show these actions indeed happened with NSO’s tools, such customer will be terminated permanently and legal actions will take place.” and will “cooperate with any relevant government authority and present the full information we will have.”