NSO Spyware Used To Hack The State Department

Israeli surveillance software firm NSO Group’s spyware has been used by an unknown assailant to hack the cell phones of at least nine United States State Department employees.

Apple has informed officials at the US State Department that an unknown cyber actor has been hacking their iPhones.

NSO’s Pegasus spyware is capable of remotely logging data from an infected iOS or Android device and can be used to covertly turn on a phone’s microphones or cameras.  

Pegasus is designed to infect phones using a “zero-click” attack, in which spyware can be installed without the target clicking a link or otherwise taking action. Apple has taken legal action against NSO Group for allegedly misusing its services and products to place a hacking tool on some users' iPhones.

Some US officials targeted were either based in Uganda’s capital Kampala, or worked on matters related to the country. Some Ugandan political leaders were also reportedly attacked by the cyber espionage campaign. The victims notified by Apple were identifiable as US government employees through their email addresses associated with their Apple IDs, ending in state.gov.

It is understood that the devices were compromised through the same zero-day graphics processing bug that Apple fixed in September this year.

An NSO spokesperson told Reuters that the company is investigating the matter and has already terminated the relevant customers' access to its tools and systems. The spokesperson added that NSO Group currently has no indication that its tools were used to hack US officials. "If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place," the spokesperson said, also adding that the company would "cooperate with any relevant government authority and present the full information we will have."

Researchers at Citizen Lab at the University of Toronto recently discovered the code behind an NSO exploit that was alleged to have been used to infect iPhones earlier this year. The exploit, which was then promptly fixed by Apple, used a vulnerability in the company’s iMessage function on all Apple products.

NSO’s spyware is capable of not only capturing photos, messages, and other sensitive information from compromised devices, but also turning them into recording devices to monitor their surroundings.

Pegasus software has been sold to governments around the world, including Mexico, Saudi Arabia, the United Arab Emirates, India, Bahrain, Azerbaijan, Hungary, Kazakhstan, Morocco and Rwanda. Privacy advocates have long warned that NSO Group does not have enough controls in place to limit how its customers use the powerful cyber surveillance tools it sells. 

Earlier this year, Amnesty International researchers revealed how widespread the use of NSO Group's spyware is, saying that Pegasus may have been used to snoop on more than 1,000 journalists, rights activists and other prominent individuals from about 50 countries.

Last month, the US government placed NSO Group on a trade blacklist, stating that the company's software had 'enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists'. In its lawsuit, Apple said that NSO Group and its parent company OSY Technologies should be held accountable for the surveillance and targeting of Apple users, and banned from using any Apple devices, software or services 'to prevent further abuse and harm to its users'.

In its complaint, Apple describes NSO Group as '....notorious hackers - amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.' NSO Group denies those claims, saying it only works with law enforcement, military, and intelligence agencies from countries with good human-rights records.

Sources: Reuters, Computing, Guardian, The Verge, Times of Israel, CNN, Washington Post
