Apple has warned US Department of State employees that their iPhones have been hacked by unknown threat actors using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware.
According to anonymous sources cited by Reuters, the attacks hit at least 11 US officials based in or focused on matters concerning the East African country of Uganda and took place in recent months.
According to a spokesperson who first reported the attacks, Israeli surveillance firm NSO Group that has developed Pegasus spyware, cancelled the customer accounts behind these intrusions and promised to investigate the attacks.
However the company doesn’t know what tools were used in the attack. NSO also refused to name the suspended customers.
The attacks, which were carried out in the last several months, mark the first time the sophisticated surveillance software has been put to use against U.S. government employees.
The NSO spokesperson stated that the group will cooperate with any relevant government authority and present the full information they have.
The company clarified that the installation of their software by the customer occurs via phone numbers. NSO’s technologies are blocked from working on US (+1) numbers. Once the software is sold to the licensed customer, NSO has no way to know who the targets of the customers are, and so they could not have been aware of this case.
The news of Department of State employees’ phones being hacked to install Pegasus spyware comes closely after the US sanctioning NSO Group and three other companies from Israel, Russia, and Singapore last month for spyware development and selling hacking tools used by state-sponsored hacking groups.
NSO and Candiru have been added to the Commerce Department’s Bureau of Industry and Security (BIS) Entity List for supplying the software used by state hackers to spy on government officials, journalists, and activists.