Written by Faridah N Kulumba
Africa-Press-Uganda United States diplomatic staff in Uganda had their iPhones hacked using controversial spyware sold by the Israeli cyber-weapons company. Reuters reported that at least nine workers based in the U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based Niv Shalev and Omri (NSO) Group in the last several months according to four people familiar with the matter..
About NSO
NSO is an Israeli technology firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones, founded in 2010 by Niv karmi, Omri Lavie and Shalev Hulio.
NSO software is capable of not only capturing encrypted messages, photos and other sensitive information from infected phones, but also turning them into recording devices to monitor surroundings, based on product manuals reviewed by some sources.
NSO refuted allegations
The latest intrusions in Uganda, represent the widest known hacks of U.S. officials through NSO technology. Previously, a list of numbers with potential targets including some American officials surfaced in reporting on NSO but it was not clear whether intrusions were always tried or succeeded.
NSO Group refuted the allegations in the statement they issued on Thursday saying that if there is any indication that their tools were used but canceled access for the relevant customers and would investigate based on the Reuters inquiry.
Promises
NSO Group vowed to cooperate with any relevant government authority and present the full information about the incident, and that If the investigation shows that these actions indeed happened with NSO’s tools, such customers will be terminated permanently and legal actions will take place.
NSO has long said it only sells its products to government law enforcement and intelligence clients, helping them to monitor security threats, and is not directly involved in surveillance operations.
US Embassy’s reaction
Although the State Department spokesperson declined to comment on the intrusions, instead pointed to the Commerce Department’s recent decision to place the Israeli company on an entity list, making it harder for U.S. companies to do business with them. NSO Group and another spyware firm were “added to the Entity List based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.
Alerts
The alert to the affected users were made by Apple but they did not name the creator of the spyware used in this hack.
The victims notified by Apple included American citizens and were easily identifiable as U.S. government employees because they associated email addresses ending in state.gov with their Apple IDs. They and other targets notified by Apple in multiple countries were infected through the same graphics processing vulnerability that Apple did not learn about and fix until September.
Since at least February, this software flaw allowed some NSO customers to take control of iPhones simply by sending invisible yet tainted iMessage requests to the device, researchers who investigated the espionage campaign.
The victims would not see or need to interact with a prompt for the hack to be successful. Versions of NSO surveillance software, commonly known as Pegasus, could then be installed.
According to the US embassy spokesperson, Cyber products like NSO are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes. The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions.
