Christopher Bing and Joseph Menn, reporting for Reuters:
iPhones of at least nine U.S. State Department employees were
hacked by an unknown assailant using sophisticated spyware
developed by the Israel-based NSO Group, according to four people
familiar with the matter. The hacks, which took place in the last
several months, hit U.S. officials either based in Uganda or
focused on matters concerning the East African country, two of the
sources said. […]
Apple’s alert to affected users did not name the creator of the
spyware used in this hack. The victims notified by Apple included
American citizens and were easily identifiable as U.S. government
employees because they associated email addresses ending in
state.gov with their Apple IDs, two of the people said.
Fascinating to consider that the U.S. State Department is only aware of this hack because Apple notified the affected employees. That’s certainly how this report reads.
In a public response, NSO has said its technology helps stop
terrorism and that they’ve installed controls to curb spying
against innocent targets. For example, NSO says its intrusion
system cannot work on phones with U.S. numbers beginning with the
country code +1. But in the Uganda case, the targeted State
Department employees were using iPhones registered with foreign
telephone numbers, said two of the sources, without the U.S.
Big-time ✊🍆 feel to this. Like hearing about PC malware that bypasses PCs with Russian keyboards attached.
★ Friday, 3 December 2021