Apple notified several US Embassy and State Department employees that their iPhones may have been targeted by an unknown attacker using Spyware It was created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post.
At least 11 U.S. Embassy officials stationed in Uganda or focused on matters related to the country are said to have used iPhones registered with their overseas phone numbers, despite the identity of the The threat actors behind the intrusions, or the nature of the information sought, are still unknown.
The attacks, carried out over the past few months, mark the first known as software monitor sophisticated was put to use against US government employees.
NSO Group is the maker of Pegasus, military-grade spyware that allows its government clients to stealthily steal files and photos, eavesdrop on conversations, and track victims’ whereabouts. Pegasus uses a no-click exploit sent via a messaging app to infect iPhones and Android devices without requiring the target to click a link or take any other action, but is blocked by default. operate on US phone numbers.
In response to the reports, NSO Group said it will investigate the matter and take legal action, if necessary, against customers for illegally using their tools, and for added that it had suspended “relevant accounts,” citing “the seriousness of the allegations.”
It’s worth noting that the company has long maintained that it only sells its products to government law enforcement and intelligence clients to help track security threats and track down attackers. terrorism and crime. But evidence gathered over the years shows a systematic abuse of technology to spy on human rights activists, journalists and politicians from Saudi Arabia, Bahrain, Morocco, Mexico and other countries. .
NSO Group’s action has come at a heavy cost, putting it on the radar of the US Department of Commerce, which placed the company on an economic blockade list last month, a decision likely motivated by targeting. the aforementioned goals of US diplomats.
Furthermore, tech giants Apple and Meta have since launched a legal attack against the company for illegally hacking their users by exploiting unprecedented security flaws. previously known in iOS and end-to-end encrypted WhatsApp messaging service. In addition, Apple also said that it began sending threat notifications to alert users it believes have been targeted by state-sponsored attackers on November 23.
As a result, notifications will be sent to affected users via email and iMessage to the address and phone number associated with the user’s Apple ID, and a prominent “Threat Alert” banner will be displayed. displayed at the top of the page when affected users log into their account on appleid.apple[.]com.
“State-funded organizations like the NSO Group spend millions on complex surveillance technologies without effective accountability,” said Craig Federighi, Apple’s former Chief Software Engineer. know. “That needs to change.”
The revelations also coincide with a report from The Wall Street Journal detailing the US government plans to work with more than 100 countries to restrict exports of surveillance software to authoritarian governments that use the technology to human rights repression. China and Russia are not expected to participate in the new initiative.