Apple Inc. has notified at least 11 US diplomats that their iPhones have been hacked by unknown assailants using Pegasus spyware developed by the Israeli cyberarms firm NSO Group, according to multiple reports.
The revelation, the first confirmed cases of Israeli surveillance tools being used against US government officials, comes a month after the Joe Biden administration blacklisted the NSO Group following reports that Pegasus was implicated in cyberattacks on journalists, activists and politicians around the world.
The hacks, which took place in the last several months, mostly targeted US embassy employees in Uganda, according to Reuters, which first reported the intrusions and said nine US diplomats were hacked.
The Associated Press and the Washington Post later reported that phone numbers of at least 11 US officials were compromised.
The cyberattacks represent the first known hacks of American officials through the NSO Group and raise serious questions about the use of Israeli spying tools against government officials worldwide.
"We have been acutely concerned that commercial spyware like NSO Group software poses a serious counterintelligence and security risk to US personnel,'' White House press secretary Jen Psaki said at a briefing on Friday.
The Israeli company said in a statement that it was willing to cooperate with “any relevant government authority and present the full information” the firm might obtain as it investigates the matter.
It also reiterated that its spy tools are blocked from working on US numbers, but said it had “no way to know” whom its customers will choose for hacking.
Apple recently launched a lawsuit against NSO, with reports saying that the tech giant was beginning to alert victims whose iPhones had been compromised by the Israeli hacking tool.
NSO produces sophisticated malware and makes them available to countries worldwide regardless of their own technical abilities.
Pegasus, the NSO’s spyware, can hack into a mobile phone and intercept all communications, including encrypted messages. It can also turn any phone into a listening device and enable a Pegasus operator to remotely activate the targeted phone’s recorder and camera.
In July, the Pegasus Project, a joint media investigation into NSO, revealed evidence of attacks against American journalists and others.
The phone numbers of top French officials, including President Emmanuel Macron and most of his cabinet, also appeared in a leaked database at the heart of the investigative project.
The investigation also found that senior US diplomat Robert Malley, who currently serves as the Biden administration’s special envoy on Iran, appeared to have been selected as a person of interest by an NSO customer.