The iPhones of US Embassy employees (at least 11, according to the Washington Post) have been hacked with Pegasus spyware through an exploit dubbed ForcedEntry in recent months. Pegasus was developed by the NSO Group, an Israel-based surveillance firm known for licensing software that allows government clients to secretly steal files and spy on conversations. Once Pegasus penetrates a phone, it grants the operator full access to the device. It allows the operator to turn on the microphone, examine photos, email documents, and view location.
Pegasus uses zero-click exploits to infect iPhones and Android devices. This means affected users were not required to click links or take any action for the malware to infect their phones. The NSO Group stated that Pegasus is to be used to investigate only criminals, terrorists, and serious threats to security.
This Pegasus attack affected US officials either based in Uganda or focused on matters concerning East African countries. According to Reuters, NSO has terminated the customer accounts behind the intrusion and promised to look into the attacks. NSO has also stated that it is willing to cooperate with any relevant government authority to present the full information it has.
NSO clarified that customers install the software by way of phone numbers, and made it known that NSO’s technologies are blocked from working on US (+1) numbers. However, the phones that were hacked in recent months were all linked to State Department email addresses. NSO also stated that after the software is sold to a customer, it is not able to gain information on who the customer’s target is.
It is worth mentioning that some tech giants sued NSO for illegally hacking their users by exploiting security flaws in their operating systems and their end-to-end encryption. On 23rd November, Apple sent threat notifications to users that it believed had been targeted by attackers. The notifications were sent to the email and iMessage associated with the users’ Apple ID.
Companies like the NSO Group spend a lot of dollars on surveillance technologies without effective accountability, Apple’s software engineering chief said. Sen. Ron Wyden (D-Ore.) stated that companies that enable their customers to hack U.S. government employees are a threat to America’s national security and should be treated as such by the government.