IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NSO Group reportedly hacked multiple US officials

Apple informed the US State Department that it found a number of cases of staff iPhones being hacked with Pegasus spyware

A number of US officials have been reportedly been contacted by Apple informing them that their iPhones have been hacked by NSO Group. 

Early efforts have led investigators to believe that the hack was carried out using the Pegasus tool developed by Israel-based NSO Group. The company was only recently added to the US’ entity list.

The attacks targeted US State Department staff either working in Uganda or focusing their work on matters related to the African country, according to Reuters which first reported the story. 

The attacks are believed to have taken place over the past few months and initial reporting revealed at least nine staff were successfully targeted, with other reports suggesting the number might be slightly higher at 11.

NSO Group published a statement on Friday saying it plans to investigate the situation and terminate the contract it has with whatever country is found to have misused the Pegasus tool.

“Last night, following an inquiry we received alleging Ugandan phone numbers used by US government officials were hacked, we immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation,” said NSO Group.

“This termination took place despite the fact that there is no indication the phones were targeted by NSO’s technology. The claims of all involved parties specifically mentioned there is no indication, let alone proof, that it was NSO’s tools that were used by these customers.”

IT Pro contacted the US State Department and Apple for comment but neither replied at the time of the publication. Both have declined to comment to other media. 

NSO Group has faced numerous challenges in the previous few months. Most recently, Apple filed a lawsuit against the company for allegedly hacking Apple users and violating US laws.

Since the group was linked to Pegasus, the highly invasive spying tool made by NSO Group and licensed to other countries with approval from the Israeli government, many western countries have turned their backs on the company.

The US government added NSO Group to its entity list which heavily restricts the business opportunities of those on the list with the US.

Related Resource

Network virtualisation for dummies

Why you need to virtualise your network

For Dummies style cover with whitepaper title at the topFree download

It was this development that led newly appointed CEO Isaac Benbenisti to quit the post before he even started at the company.

As well as reportedly being faced with significant financial difficulty, NSO Group has continually battled the allegations fielded to it, that it helps rogue nations attack activists, journalists, and other individuals deemed to be threats. 

Notable victims of the Pegasus spyware include Jamal Khashoggi, a prominent critic of the Saudi Arabian government, whose phone was found to have Pegasus installed on it after he was murdered in Istanbul in 2018.

NSO Group remains firm on its stance that Pegasus is not a tool to be used for malicious purposes and instead Pegasus is bought and used by governments for good, like combatting terrorism.

The company has said it installed security controls in Pegasus which prevent spying on innocent targets. For example, Pegasus cannot be used on US phone numbers, those beginning with a +1 country code.

The US officials found to have Pegasus on their iPhones were using Ugandan-registered phones, reports indicate, which means the country code would have been different and perhaps not included in the security controls for innocents.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Bahrain targets activists with NSO's Pegasus spyware
spyware

Bahrain targets activists with NSO's Pegasus spyware

24 Aug 2021

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022