wordpress blog stats
Connect with us

Hi, what are you looking for?

NSO Group’s Pegasus used to hack phones of US State Department officials: Report

These hacks are the first notable use of NSO-made spyware against US persons.

The iPhones of at least nine US State Department employees were hacked by an unknown entity using spyware made by Israeli-based NSO Group, Reuters reported on December 4 citing unnamed sources. The Wall Street Journal later corroborated these findings and reported that the phones of eleven US officials were hacked using the Pegasus spyware.

The hacks took place over the last several months and targeted US officials either based in Uganda or focused on matters concerning the country, both reports said.

Earlier in July, an international consortium of media organisations revealed that political leaders, journalists, human rights activists, businessmen, military officials, intelligence agency officials, and several others from various countries across the world were targeted for surveillance by NSO-made Pegasus spyware, but there were no confirmed American targets then.

How were the hacks uncovered?

These hacks appear to have been uncovered after Apple notified the affected users. There were identifiable as US government employees because they associated email addresses ending in state.gov with their Apple IDs, Reuters said.

Apple in November sued NSO Group over the surveillance and targeting of Apple users with the Pegasus spyware. “Pegasus can record using a device’s microphone and camera, track the phone’s location data, and collect emails, text messages, browsing history, and a host of other information accessible through the device,” Apple said in its lawsuit.

Advertisement. Scroll to continue reading.

On the same day, Apple also said that it will start notifying users who may have been targeted, in two ways:

  1. A Threat Notification will be displayed at the top of the page after the user signs into appleid.apple.com.
  2. Apple will send an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change.” – Craig Federighi, Apple’s senior vice president of Software Engineering.

What have NSO Group and the Israeli embassy said?

  • NSO Group: In a statement published on its website, NSO Group said that despite no indication that NSO tools were used for the hacks, it has “immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation.”

“If the allegations turn out to be true, they are a blunt violation of all commitments and agreements that company has with its customers, and the company will take legal action against these customers.” – NSO Group

  • The Israeli embassy in Washington: In a statement to Reuters, a spokesperson for the Israeli embassy in Washington said:

“Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes. The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions.”

Do these hacks indicate NSO spyware can be used against US citizens?

NSO Group has long maintained that its spyware cannot be used against Americans. Back in July, the company said that its products “cannot be used to conduct cyber surveillance within the United States, and no foreign customer has ever been granted technology that would enable them to access phones with US numbers.”

In the current Ugandan case, it appears to be that the targeted US officials were using phones registered with a foreign number.

In its statement, the company reiterated:

“We emphasize that the Pegasus software is installed based on phone numbers only, and the tools are incapable of being installed on US (+1) numbers. This case doesn’t involve US phone numbers, and the company had no way to know who the persons monitored by our customers were.”

NSO Group is already part of the US Entity List

On November 3, Israel-based NSO Group and Candiru were added by the US government to its Entity List “based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, business people, activists, academics, and embassy workers,” a press release by the US Department of Commerce said.

This places severe restrictions on American companies from being able to sell their products or services to NSO.

Advertisement. Scroll to continue reading.

In light of the Ugandan case, a senior Biden administration official told Reuters that the threat to US personnel abroad was one of the reasons the administration was cracking down on companies like NSO.

The US government is also reportedly working on an initiative with other countries to prevent surveillance tools and technology from being sold to authoritarian governments, which is likely to be announced at the Summit for Democracy starting on December 9.

What is happening around Pegasus allegations in India?

While India has long been suspected of being a Pegasus buyer, the scale and nature of surveillance it has embarked upon, and the targets it seems to have picked, don’t appear to indicate national security concerns, but rather surveillance of those who are critical of the government.

In light of this, multiple people filed petitions before the Supreme Court alleging violation of privacy and the Court in October constituted an expert committee to investigate the usage of Pegasus by the government against its own citizens. This committee on November 26 started reaching out to potential targets of Pegasus detailing the scope of the probe and asking them to join the investigation by submitting their infected mobile device and a statement.

More recently, the Indian government in response to a question asked in the parliament said that “there is no proposal for banning any group named ‘NSO group’.”

Also read:

Advertisement. Scroll to continue reading.

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ