Reuters has reported that at least nine iPhone devices belonging to U.S. State Department employees have been hacked. It’s unclear who deployed the software but it was apparently designed by NSO Group, a creator of sophisticated spyware against which Apple has recently started legal action. The employees worked in or had connections to Uganda.
Responding to Reuters’ investigation, a spokesperson from NSO Group, said:
“If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place. [NSO will also] cooperate with any relevant government authority and present the full information we will have.”
While it could not be determined who had launched that attack against the U.S. State Department employees, NSO Group is known to sell its products to government law enforcement and intelligence clients, though, it is not involved directly in surveillance operations. The software has been used on numerous occasions to target government officials, journalists, business people, activists, academics, and embassy workers and this is why the U.S. added the firm to an Entity List.
With regards to the latest case, the attack would mark the biggest attack on U.S. government officials, however, the State Department nor the officials at the Ugandan embassy in Washington D.C. would give comments, nor would a spokesperson for Apple.