US embassy officials in Uganda had their phones hacked with Israeli spyware, reports say

It is not known who is behind the alleged hack

Io Dodds
Sunday 05 December 2021 23:04
Comments
Apple Files Lawsuit Agains Israeli Spyware Maker for Surveilling Apple Users

US diplomatic staff in Uganda had their iPhones hacked using controversial spyware sold by the Israeli cyber-weapons company NSO Group, according to reports.

Citing anonymous sources, Reuters reported on Thursday that at least nine workers based in the US Embassy in Uganda or specialising in the country were targeted using NSO’s Pegasus software by parties unknown.

Another report by the New York Times put the number of officials at 11, saying embassy staff had received a warning from Apple that "state-sponsored attackers are trying to remotely compromise the iPhone associated with your Apple ID".

Pegasus is a military-grade surveillance suite that can infect an iPhone without the user’s knowledge and allow its wielder to snoop on everything from voice calls through location data to encrypted chat messages.

A spokesperson for NSO said it would conduct an independent investigation and cooperate with any government probe, as well as "immediately terminating" some customers’ access. There is no suggestion NSO conducted or knew about the hack.

This is the first known case of US government officials being targeted with Pegasus, and will deepen tensions between the US and Israel over whether NSO has been properly supervised.

Last month President Joe Biden blacklisted NSO as "contrary to the national security or foreign policy interests of the United States", accusing it of knowingly selling spyware to governments that used it to "maliciously target" dissidents and journalists.

Pegasus spyware: How does it work?

NSO is one of the brightest stars in Israel’s thriving cybersecurity industry, and insists that it only sells its software to carefully vetted intelligence agencies, law enforcement bodies or militaries to fight crime and terrorism.

But a global investigation by human rights groups and 17 media outlets found evidence that Pegasus had been used to target journalists, human rights activists, lawyers and opposition politicians. NSO denied those claims.

NSO said: “We have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations.

"To this point, we haven’t received any information, nor the phone numbers, nor any indication that NSO’s tools were used in this case...

"If our investigation shall show these actions indeed happened with NSO’s tools, [any] such customer will be terminated permanently and legal actions will take place."

The company claimed that it blocks its products from working on US numbers and that it had "no way to know" who its customers target.

Mr Biden has invited Israel and many other countries to the White House next week in the hope of cracking down on the largely unregulated global spyware market.

Meanwhile, Apple has issued an emergency security patch and filed a lawsuit against NSO seeking damages for "flagrant violations of US federal and state law arising out of its efforts to target and attack Apple and its users".

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in