NSO Spyware ‘Used To Hack US Diplomats’

Apple has alerted 11 US diplomats that their iPhones were hacked by spyware from the NSO Group in recent months.

The alerts, reported by multiple media outlets citing unnamed sources, are the first confirmed cases in which software from Israel’s NSO was used to attack government officials.

NSO, which was placed on a US government blacklist a month ago over concerns about the abuse of its products, has long said its Pegasus spyware was intended only to target criminals, militants and other serious security threats.

The company said in a statement that it has suspended the accounts of unnamed clients involved in the reported attacks on US diplomats.

State-sponsored hacking

In July an investigation by several media outlets alleged that NSO’s software had been abused to hack embassy employees, political activists, human rights workers and others.

Last month Apple began alerting people who had been potentially compromised by a known Pegasus exploit called “FORCEDENTRY” and sued NSO, seeking to prevent it from using Apple products in the future.

The exploit, which has now been fixed, allowed a device to be hacked without any user interaction, after which Pegasus could be installed.

Pegasus places the device under the complete control of the attacker and allows it to be used to record its surroundings, according to NSO.

The company maintains that it has placed limits on Pegasus, such as barring it from working against US telephone numbers with the +1 country code.

Official targets

But the State Department employees targeted were using iPhones using foreign telephone numbers without the +1 country code, Reuters reported.

The attacks reportedly focused on US officials working in Uganda or elseewhere in East Africa.

NSO said it had no indication that its tools were used in the incidents but would cooperate with investigators.

The National Security Council said it was “acutely concerned” that commercial spyware like that from NSO posed a security risk to US personnel, which was why NSO and other companies were placed on the Entity List blacklist.

US Senator Ron Wyden said the federal government should have tools to detect such attacks rather than relying on the “generosity of private companies to know when their phones and devices are hacked”.