Reuters and the Washington Post reported on Friday that Apple has notified eleven US diplomats working in Uganda or on subjects relating to the East African country that their phones had been hacked by Pegasus, citing unnamed persons familiar with the situation.
About a dozen diplomats have reported that Pegasus spyware has hacked their iPhones. According to Reuters, the intrusion occurred over the “past several months,” with the phones targeted having international phone numbers. NSO, the company behind Pegasus, has said that their spyware is incompatible with iPhones having US phone numbers.
At least 11 U.S. Embassy workers stationed in Uganda or working on Uganda-related problems are claimed to have been targeted using iPhones with international phone numbers, while the identity of the threat actors behind the intrusions, as well as the nature of the material sought, is still unclear.
While the State Department and Apple have declined to comment on the claim, the National Security Organization (NSO) has published a statement in response to the allegations.
Oded Hershkovitzn NSO spokesperson said, “Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations.”
Any information nor the phone numbers, nor any indication that NSO’s tools were used in this case,” at this point, they are ready to “cooperate with any relevant government authority and present the full information we will have,” As the company does not have further information, Hershkovitzn.
NSO has extensive links to Israel’s defense and intelligence communities, and export permits for their products must be approved by the Israeli Defense Ministry. Saudi Arabia, the United Arab Emirates, and Mexico have all been clients of the firm in the past.
The Israeli embassy in Washington stated in a statement on Friday that targeting US officials would be a significant violation of the regulations.
The attacks, which took place over the previous few months, are the first documented instances of sophisticated monitoring software being used against US federal officials.
NSO Group creates Pegasus, military-grade spyware that allows its government clients to discreetly access files and images, listen in on conversations, and track its victims’ locations. Pegasus infects iPhones and Android devices through zero-click vulnerabilities transmitted through messaging applications, which do not need targets to click links or take any other action but are by default banned from operating on U.S. phone lines. NSO has stated that an investigation will be conducted and necessary legal actions will be taken. If required, it would take legal action against customers who use its products unlawfully, the company said, adding that “relevant accounts” had been stopped due to the “severity of the allegations.”
An embassy spokesperson said, “Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes,” “The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions.”
This is the reason why the “Biden-Harris Administration has placed several companies involved in the development and proliferation of these tools on the Department of Commerce’s Entity List,” the NSC added.
Also, it should be noted that the corporation has long claimed that it exclusively sells its equipment to government law enforcement and intelligence agencies in order to aid in the monitoring of security risks and the surveillance of terrorists and criminals.
But evidence gathered over the years has revealed a systematic abuse of the technology to spy on human rights activists, journalists, and politicians from Bahrain, Morocco, Saudi Arabia, Mexico, and other countries.
Read the Washington post for more information.