NSO Group's spyware used to hack US State Department iPhones

Troubles mount for the recently sanctioned Israeli-based NSO Group as new software use cases against US personnel come to light.

At least nine iPhones used by employees of the US State Department were hacked using spyware developed by the NSO Group, Reuters reports.

Recently, the US sanctioned NSO Group for' malicious cyber activities.' According to the US Department of Commerce, NSO Group 'developed and supplied spyware to foreign governments.'

In turn, the Israeli Ministry of Defense reduced the number of countries that Israeli companies can export cyber tools.

Sources claim that the hack to place in the last several months and hit US officials focusing on matters concerning the East African country of Uganda.

It is not clear who was behind the attack, and NSO Group said it did not have any indication their tools were used, Reuters reports.

"If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently, and legal actions will take place," said an NSO spokesperson.

According to Reuters, a State Department spokesperson declined to comment on the intrusions, instead pointing to the Commerce Department's recent decision to place the Israeli company on an entity list, making it harder for US companies to do business with them.

The spyware developed by the NSO Group acts through iPhone and Android mobile devices and lets it access messages, emails, photos, or even secretly record calls and activate microphones.

Apple filed a lawsuit against NSO Group and its parent company OSY Technologies for allegedly targeting US Apple users with its Pegasus spyware.

This July, the Pegasus Project revealed that the spyware, made and licensed by NSO Group, had been used in hacks of smartphones belonging to journalists, government officials, and human rights activists.

Some of NSO Group's best-known past clients were Saudi Arabia, the United Arab Emirates, and Mexico.

In a statement, the Israeli embassy in Washington said that targeting American officials would be a severe breach of its rules.

"Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes," an embassy spokesperson told Reuters.

More from CyberNews

Alliances between threat actors have led to the rise of the ransomware empire

Over 50,000 European business users exposed in a data leak

Your organization’s network can be used to mine Monero: report

Russia files court cases for fines on annual turnover of Google, Meta

A glitch in the Revolut banking app sparked fears of a hack

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked