WASHINGTON/SAN FRANCISCO, Dec 3 (Reuters) – Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter.
The hacks, which took place in the last several months, hit U.S. officials either based in Uganda or focused on matters concerning the East African country, two of the sources said.
The intrusions, first reported here, represent the widest known hacks of U.S. officials through NSO technology. Previously, a list of numbers with potential targets including some American officials surfaced in reporting on NSO, but it was not clear whether intrusions were always tried or succeeded.
Register now for FREE unlimited access to reuters.com
Reuters could not determine who launched the latest cyberattacks.
NSO Group said in a statement on Thursday that it did not have any indication their tools were used but canceled access for the relevant customers and would investigate based on the Reuters inquiry.
“If our investigation shall show these actions indeed happened with NSO’s tools, such customer will be terminated permanently and legal actions will take place,” said an NSO spokesperson, who added that NSO will also “cooperate with any relevant government authority and present the full information we will have.”
NSO has long said it only sells its products to government law enforcement and intelligence clients, helping them to monitor security threats, and is not directly involved in surveillance operations.
Officials at the Uganda embassy in Washington did not comment. A spokesperson for Apple declined to comment.
A State Department spokesperson declined to comment on the intrusions, instead pointing to the Commerce Department’s recent decision to place the Israeli company on an entity list, making it harder for U.S. companies to do business with them.
NSO Group and another spyware firm were “added to the Entity List based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” the Commerce Department said in an announcement last month.
NSO software is capable of not only capturing encrypted messages, photos and other sensitive information from infected phones, but also turning them into recording devices to monitor surroundings, based on product manuals reviewed by Reuters.
Apple’s alert to affected users did not name the creator of the spyware used in this hack.
The victims notified by Apple included American citizens and were easily identifiable as U.S. government employees because they associated email addresses ending in state.gov with their Apple IDs, two of the people said.
They and other targets notified by Apple in multiple countries were infected through the same graphics processing vulnerability that Apple did not learn about and fix until September, the sources said.
Since at least February, this software flaw allowed some NSO customers to take control of iPhones simply by sending invisible yet tainted…