NSO Group Spyware Hits at Least 9 US State Department Phones
The Israeli spyware developer NSO Group has faced increasing legal pressure and controversy as its hacking tools continue to be abused by repressive regimes and law enforcement around the world. Now Apple has informed a swath of iPhone users, including at least nine US State Department employees, that their devices were compromised in recent months by unidentified hackers wielding NSO tools.
Sources told Reuters, which first reported the news, that the affected US government officials were working in Uganda or on topics related to the country. Ugandan political figures were also seemingly targeted in the campaign. Attacks that use NSO's Pegasus spyware, which works on both Apple's iOS mobile operating system and Google's Android OS, have been detected for years. Once installed on a device, Pegasus can track the user's location, activate their microphone, steal data, and more.
This latest example of its abuse underscores exactly what privacy and human rights advocates have long warned: that NSO does not have adequate controls in place to limit how its customers use the powerful tools it sells. And that the company's repeated assurances to the contrary—including that its spyware can't be used against devices registered with a US phone number—ring hollow.