Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
55,427
17,773


Apple has notified at least nine U.S. Department of State employees that they may have been targeted by state-sponsored spyware created by Israeli company NSO Group, according to a Reuters report citing four people familiar with the matter.

apple-security-banner.jpeg

A spokesperson for NSO Group told Reuters that it will investigate and take legal action against customers using its tools illegally if necessary.
"If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place," said an NSO spokesperson, who added that NSO will also "cooperate with any relevant government authority and present the full information we will have."
Last month, Apple filed a lawsuit against NSO Group to "hold it accountable" for state-sponsored spyware targeting Apple users. Apple also said it would contribute $10 million to organizations pursuing cybersurveillance research and advocacy.

Apple said NSO Group's "spyware product" Pegasus was used to attack a "very small number of users" across multiple platforms, including iOS and Android.
Apple's legal complaint provides new information on NSO Group's FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim's Apple device and install the latest version of NSO Group's spyware product, Pegasus. […]

To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim's device — allowing NSO Group or its clients to deliver and install Pegasus spyware without a victim's knowledge. Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks.
Apple said NSO Group's spyware could allow for attackers to "access the microphone, camera, and other sensitive data on Apple and Android devices." Apple added that iOS 15 includes new security protections and, as of November 23, Apple said it had not observed any evidence of successful remote attacks against devices running any iOS 15 version.

In a support document, Apple said it would notify users who may have been targeted by email and iMessage "in accordance with industry best practices."
If Apple discovers activity consistent with a state-sponsored attack, we notify the targeted users in two ways:

- A Threat Notification is displayed at the top of the page after the user signs into appleid.apple.com.
- Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user's Apple ID.

These notifications provide additional steps that notified users can take to help protect their devices.
Through the lawsuit and notifications, Apple aims to cut down on the abuse of state-sponsored spyware.

"State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability," said Apple's software engineering chief Craig Federighi. "That needs to change."

(Thanks, Jordan Golson!)

Article Link: Apple Reportedly Notified Some U.S. State Department Employees They May Have Been Targeted by NSO Group Spyware
 
Last edited:

4jasontv

macrumors 603
Jul 31, 2011
5,409
6,373
Later NSO Groups also reported:

With the help of government officials, we were able to identify no abuse of state-sponsored spyware. Therefore we see no reason to stop selling our spyware to government officials. We have asked government officials to be vigilant and notify us if they consider their use of our product abusive.
 

ponzicoinbro

macrumors 6502
Aug 5, 2021
252
312
N S O appears to be aligned with Russian and Saudi interests. Happily selling their software to anti-democratic clients. Michael Flynn the US intel guy who turned into a Qanon fascist was listed as their advisor. Flynn was also pictured having dinner with Putin.
 
Last edited by a moderator:
  • Angry
Reactions: TakeshimaIslands

julesme

macrumors 6502
Oct 14, 2016
464
1,644
San Jose

It seems to me there are a number of candidates, but Israel is not likely to be one of them. According to Reuters, the targeted employees were based in Uganda, so whoever targeted the employees were likely interested in gaining information around US policy in that region. In addition, (per multiple press reports), past clients of NSO include Saudi Arabia, Mexico, and UAE. Saudi Arabia in particular allegedly leveraged NSO software a couple years ago to target Jamal Khashoggi, the journalist who was kidnapped at an embassy in Istanbul and dismembered.
 

Websnapx2

macrumors 6502
Apr 24, 2003
494
501
I sure would like to know which state is sponsoring spying on American state dept officials. Anyone know?
I don't think any are — the tool its self was state-sponsored in creation, but the usage is sold like any licenced software. The issue is that someone who licences the software is doing this — assumingly contrary to how they said they would use it when licensing it. That's why the NSO Spokesperson said "If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place."

Their wording is suspect though — it sounds like whoever they find they will kill, lol.
 

visualseed

macrumors 6502
Dec 16, 2020
343
568
The first step will be for Apple to inform their customers who was hacked. The second step will be for Apple to use discovery during their lawsuit against NSO to let the world know who hacked them which will probably include a lot of world governments. So the next time governments complain about needing the keys the kingdom to stop child abuse or terrorism, they can point out that when they did have the keys they mostly used them to spy on journalists, activists and foreign citizens working in their official capacities, etc..
 
Last edited:

DaveN

macrumors 6502a
May 1, 2010
710
389
Later NSO Groups also reported:

With the help of government officials, we were able to identify no abuse of state-sponsored spyware. Therefore we see no reason to stop selling our spyware to government officials. We have asked government officials to be vigilant and notify us if they consider their use of our product abusive.
Good one
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.