Apple has reportedly notified several US Embassy and State Department employees and Ugandan politicians that their iPhones may have been targeted by an unknown threat actor using state-sponsored Pegasus spyware from Israeli tech company NSO Group.
There were up to 11 US Embassy officials working in Uganda who were targeted using iPhones registered to their overseas phone numbers, according to reports. However, it’s unclear who hacked the officials’ phones or what information was stolen.
“While we are unable to confirm, generally speaking the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a State Department spokesperson said in a release. “Like every large organization with a global presence, we closely monitor cybersecurity conditions, and are continuously updating our security posture to adapt to changing tactics by adversaries.”
This attack is one of many attacks since the summer that have targeted government officials using Pegasus spyware, which remotely hacks smartphones and is able to listen to phone calls, view text messages, photos, videos, contact lists, and other files. While previous attacks targeted political leaders in the Middle East and Mexico, as well as human rights activists and journalists, the latest Pegasus attack was the first one against US government employees and officials.
Pegasus uses zero-click exploits sent through messaging apps in order to infect Apple and Android devices without requiring targets to click on any malicious links. These exploits, however, are by default blocked from working on any US phone numbers.
NSO Group Response
In response to the attacks, NSO Group said it will investigate the matter and take necessary legal action against customers for using its tools illegally. The company also added that it had suspended “relevant accounts” while recognizing the “severity of the allegations.”
The cyberattacks have made NSO group a target of the US Commerce Department, which placed the company on an economic blacklist last month.
Along with tech giant Meta, Apple has decided to sue NSO Group for illegally hacking its users by exploiting previously unknown security flaws in iOS and WhatsApp, according to a Nov. 23 press release. Additionally, Apple said it has begun sending threat alert notifications to users it believes have been targeted by state-sponsored hackers on Nov. 23.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” Apple’s software engineering chief Craig Federighi said in the press release. “That needs to change.”