NSO Group infiltration software allegedly infiltrated the iPhones of American officials.

According to a story published Friday by Reuters, an unnamed party used NSO Group’s Pegasus malware to infect the Apple iPhones of at least nine US State Department personnel.

After receiving a query about the event, NSO Group indicated in an email to The Register that it had stopped an unnamed customer’s access to its system, but it has yet to determine whether its software was involved.

“We have opted to immediately remove relevant customers’ access to the system, once the enquiry was received, and before any investigation under our compliance policy, owing to the seriousness of the claims,” an NSO representative told The Register in an email. “We haven’t received any information, phone numbers, or other evidence that NSO’s tools were employed in this instance up to this moment.”

• According to Kaspersky director, Apple’s Pegasus lawsuit is a “declaration of war” against hostile software developers.
• NSO, dubbed “amoral twenty-first-century mercenaries,” is being sued by Apple for infecting iPhones with Pegasus malware.
• In the WhatsApp surveillance case, the National Security Agency (NSA) fails to claim foreign sovereign immunity for the second time.
• NSO Group, Positive Technologies, and other snoopware companies have been sanctioned by the US Department of Commerce.
• According to Reuters, the impacted State Department employees were stationed in Uganda or focused on Ugandan issues, therefore their phone numbers had a foreign nation prefix rather than a US prefix.

When Apple launched its complaint against the NSO Group on November 23rd, the iPhone manufacturer also stated that it will tell iPhone consumers who have been the subject of state-sponsored hacking. On the same day, Norbert Mao, a lawyer and the President of Uganda’s Democratic Party, tweeted that he’d gotten an Apple threat notification.

According to the Washington Post, NSO’s Pegasus software was involved in the attempted or successful hacking of 37 phones belonging to journalists and rights activists, including two women connected to Saudi writer Jamal Khashoggi. The findings contradicted NSO Group’s assertions that their software was solely licensed for battling terrorists and law enforcement, according to the paper.

The NSO Group released its 2021 Transparency and Responsibility Report [PDF] the same month, insisting that their software is only used against groups with few sympathizers, such as terrorists, criminals, and pedophiles.

According to the study, “Myth: Pegasus is a widespread surveillance tool.” “Fact: Only data from pre-identified suspected criminals and terrorists is collected.”

Several studies from cybersecurity research and human rights organizations, not to mention UN, EU, and US accusations against the firm, have disputed that position.

The US State Department refused The Register’s request for confirmation of the Reuters claim, but said the agency takes its obligation to protect its data seriously. We also learned that the Biden-Harris administration is seeking to limit the use of repressive digital technologies.

NSO Group claims that it has turned off $300 million in income to far due to unresolved human rights issues, and that it rejected 15% of new business possibilities between May 2020 and April 2021 for the same reason.

The firm has not yet produced documentation that allow its claims to be verified, despite the fact that it does not name its customers in its Transparency and Responsibility Report and includes several unattributed endorsement comments regarding its goods.

Reference: https://www.theregister.com