According to various reports from The Washington Post and Reuters, Apple warned many U.S. Embassy and State Department workers that their iPhones might’ve been hacked by an unknown adversary employing state-sponsored spyware manufactured by the infamous Israeli business NSO Group.
At least 11 U.S. Embassy employees currently stationed in Uganda or working on Uganda-related problems are claimed to have been targeted using iPhones with international phone numbers. At the same time, the identity of the threat actors behind the intrusions and the nature of the material sought is still unclear.
The attacks, which took place over the previous few months, are the first documented instances of sophisticated monitoring software used against U.S. federal officials.
NSO Group created Pegasus, a military-grade spyware that lets its government clients discreetly access files and images, listen in on conversations, and track its victims’ locations. Pegasus infects iPhones and Android devices through zero-click vulnerabilities transmitted through messaging applications, which do not need targets to click links or take any other action but are by default banned from operating on U.S. phone networks.
It’s important to mention that the corporation has long claimed that it exclusively sells its products to government law enforcement and intelligence agencies to monitor security risks and the surveillance of terrorists and criminals. However, evidence accumulated over time has exposed a systematic use of the technology to spy on human rights activists, politicians, and journalists in Saudi Arabia, Mexico, Morocco, Bahrain, and other nations.
NSO Group’s efforts have cost it dearly, with the U.S. Commerce Department placing the business on an economic blocklist last month, a decision that may have been influenced by the alleged targeting of U.S. foreign ambassadors.
Moreover, Apple and Meta have initiated a legal attack on the corporation, accusing it of unlawfully hacking its consumers by using previously unknown security holes in iOS and the end-to-end encrypted WhatsApp messaging service. Apple also stated that on November 23, it began delivering threat warnings to people it believes have been targeted by state-sponsored attackers.
As a result, impacted customers will get alerts through email and iMessage to the addresses and phone numbers connected with their Apple I.D.s. When affected individuals enter their accounts on appleid.apple[.]com, a big “Threat Notification” banner will appear at the top of the page.
The revelations also correlate with a report in The Wall Street Journal detailing U.S. efforts to engage with over 100 countries to ban the transfer of surveillance software to authoritarian governments that use it to undermine human rights. The new endeavor is not likely to include China or Russia.