According to various reports from Reuters and The Washington Post, Apple warned many U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant employing state-sponsored spyware manufactured by the controversial Israeli business NSO Group.
At least 11 U.S. Embassy workers stationed in Uganda or working on Uganda-related problems are claimed to have been targeted using iPhones with international phone numbers, while the identity of the threat actors behind the intrusions, as well as the nature of the material sought, is still unknown.
The attacks, which took place over the last few months, are the first documented instances of sophisticated monitoring software being used against US federal officials.
NSO Group created Pegasus, a military-grade spyware that allows its government clients to discreetly access files and images, listen in on conversations, and track their victims’ whereabouts. Pegasus infects iPhones and Android devices through zero-click exploits transmitted through messaging applications, which do not require targets to click links or take any other action, but are by default banned from working on U.S. phone numbers.
In reaction to the complaints, the NSO Group said it would look into the situation and, if necessary, take legal action against customers who were abusing its capabilities. It also said it has stopped “relevant accounts,” citing the “seriousness of the allegations.”
It’s important mentioning that the corporation has long claimed that it exclusively sells its products to government law enforcement and intelligence agencies to aid in the monitoring of security threats and the surveillance of terrorists and criminals. However, evidence accumulated over time has exposed a systematic use of the technology to spy on human rights activists, journalists, and politicians in Saudi Arabia, Bahrain, Morocco, Mexico, and other countries.
NSO Group’s efforts have cost it dearly, with the US Commerce Department placing the business on an economic blocklist last month, a decision that may have been influenced by the aforementioned targeting of US foreign ambassadors.
Furthermore, Apple and Meta have launched a legal assault on the corporation, accusing it of illegally hacking its consumers by using previously unknown security holes in iOS and the end-to-end encrypted WhatsApp messaging service. Apple also stated that on November 23, it began delivering threat notifications to users it believes have been targeted by state-sponsored attackers.
A conspicuous “Threat Notification” banner will be shown at the top of the page when impacted users log into their accounts on appleid.apple[.]com, and the alerts will be issued to affected users through email and iMessage to the addresses and phone numbers connected with their Apple IDs.
Apple’s software engineering director Craig Federighi has stated, “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technology without effective accountability.” “It’s time for it to change.”
The revelations also coincide with a piece in The Wall Street Journal detailing US plans to engage with over 100 countries to ban the transfer of surveillance software to authoritarian governments that use it to undermine human rights. The new initiative is not likely to include China or Russia.