NSO Group reportedly hacked multiple US officials

The NSO Group logo on a smartphone that's been placed on a keyboard
(Image credit: Shutterstock)

A number of US officials have been reportedly been contacted by Apple informing them that their iPhones have been hacked by NSO Group.

Early efforts have led investigators to believe that the hack was carried out using the Pegasus tool developed by Israel-based NSO Group. The company was only recently added to the US’ entity list.

The attacks targeted US State Department staff either working in Uganda or focusing their work on matters related to the African country, according to Reuters which first reported the story.

The attacks are believed to have taken place over the past few months and initial reporting revealed at least nine staff were successfully targeted, with other reports suggesting the number might be slightly higher at 11.

NSO Group published a statement on Friday saying it plans to investigate the situation and terminate the contract it has with whatever country is found to have misused the Pegasus tool.

“Last night, following an inquiry we received alleging Ugandan phone numbers used by US government officials were hacked, we immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation,” said NSO Group.

“This termination took place despite the fact that there is no indication the phones were targeted by NSO’s technology. The claims of all involved parties specifically mentioned there is no indication, let alone proof, that it was NSO’s tools that were used by these customers.”

IT Pro contacted the US State Department and Apple for comment but neither replied at the time of the publication. Both have declined to comment to other media.

NSO Group has faced numerous challenges in the previous few months. Most recently, Apple filed a lawsuit against the company for allegedly hacking Apple users and violating US laws.

Since the group was linked to Pegasus, the highly invasive spying tool made by NSO Group and licensed to other countries with approval from the Israeli government, many western countries have turned their backs on the company.

The US government added NSO Group to its entity list which heavily restricts the business opportunities of those on the list with the US.


Network virtualisation for dummies

Why you need to virtualise your network


It was this development that led newly appointed CEO Isaac Benbenisti to quit the post before he even started at the company.

As well as reportedly being faced with significant financial difficulty, NSO Group has continually battled the allegations fielded to it, that it helps rogue nations attack activists, journalists, and other individuals deemed to be threats.

Notable victims of the Pegasus spyware include Jamal Khashoggi, a prominent critic of the Saudi Arabian government, whose phone was found to have Pegasus installed on it after he was murdered in Istanbul in 2018.

NSO Group remains firm on its stance that Pegasus is not a tool to be used for malicious purposes and instead Pegasus is bought and used by governments for good, like combatting terrorism.

The company has said it installed security controls in Pegasus which prevent spying on innocent targets. For example, Pegasus cannot be used on US phone numbers, those beginning with a +1 country code.

The US officials found to have Pegasus on their iPhones were using Ugandan-registered phones, reports indicate, which means the country code would have been different and perhaps not included in the security controls for innocents.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.