NSO Group spyware used in hacks targeting U.S. State Department officials

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

The iPhones of at least nine employees of the U.S. Department of State were hacked using the spyware developed by Israeli-based surveillance technology company NSO Group.

The hacks, which took place recently, targeted U.S. government officials based in Uganda or whose responsibility concerned the country, Reuters has reported. It isn't clear who launched the attacks.

NSO Group said Thursday that it didn't know about the intrusions, but added that it canceled the relevant accounts and would launch an investigation into the matter.

"If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place," said an NSO spokesperson.

The company added that it would cooperate with "any relevant government authority and present the full information we will have."

The attack represents the widest-known hack of U.S. officials using NSO-developed technology, which the U.S. government called a national security risk back in November.

NSO-developed software Pegasus has been used by malicious actors and government entities to covertly surveil journalists and human rights activists. In some cases, Pegasus exploited zero-day vulnerabilities in Apple technology like iMessage.

On Nov. 23, Apple filed a lawsuit against NSO Group seeking an injunction that would prevent the Israeli spyware company from using any Apple software, services, or devices.

In July, NSO CEO Shalev Hulio shot down concerns that his company's software could be used maliciously, stating that law-abiding citizens have "nothing to be afraid of."