What happened now? This week, Reuters reported that hackers used NSO’s controversial Pegasus spyware to hack the iPhones of nine US State Department employees. It is not yet known who is responsible, but this is the most serious known cyberattack involving US officials and Pegasus.
Sources Reuters pointed out that US officials in Uganda or dealing with Ugandan matters received Apple’s warnings that their iPhones have been attacked by spyware from Israel’s National Statistical Office in the past few months.
Spyware uses a zero-click exploit to access iPhone texts, photos and videos in order to spy on the target. He can even turn on the microphone of the phone. It works by sending a compromised message to the target via iMessage and does not require any action from the victim to infect.
– Norbert Mao (@norbertmao) November 24, 2021
The NSO says it is not directly involved in surveillance. Instead, he sells his technology to law enforcement and intelligence agencies. In a statement this week, NSO said it has closed access to the tools to relevant clients and will investigate based on a Reuters report. The group promised that if the investigation found that the specified client used Pegasus against US officials, they would be blocked forever and NSO would take legal action.
The company claims that Pegasus does not work with US phones with numbers starting with the country code +1, but foreign numbers were used on US officials’ phones.
Apple has released an emergency patch to close the vulnerability exploited by Pegasus in September. Last month, he filed a federal lawsuit against the NSO group, seeking to seek damages and bar NSO from using any Apple products and services in the future.