US diplomats spied on with Pegasus

San Francisco. The iPhones of at least 11 US State Department employees have been compromised by a hacker who used advanced Pegasus spyware, developed by Israel-based NSO Group, according to four sources.

Two sources said the attacks in recent months had targeted Ugandan officials or had targeted cases related to the east African country.

The breaches represent the most widespread known attack on US officials via NSO technology.

Apple, the maker of iPhones, has started alerting users whose phones have been hacked by spyware.

NSO Group said in a statement that it had no indication that its tools had been used, but that it had canceled the accounts involved and said it would conduct an investigation.

A spokesperson for NSO said the company “will cooperate with any relevant government authority and will provide the information that we will have.”

NSO has long said that it sells its products only to intelligence clients and government agencies, helps them monitor security threats, and is not directly involved in surveillance operations.

A State Department spokesperson declined to comment on the breaches, but noted the Commerce Department’s recent decision to put the Israeli company on its Entity List, making it difficult for American companies to deal with it.

The NSO Group and another spyware company were added to the list of entities on the grounds that they developed and provided spyware to foreign governments that used this tool to maliciously target government officials, journalists, businessmen, activists, academics and embassy personnel. The Commerce Department said last month.

NSO software captures encrypted messages, photos and other sensitive information from infected phones, and turns them into recording devices to monitor surrounding areas, according to product manuals.

This program has been at the center of controversy this year after reports alleged it was used to spy on activists, journalists and politicians.

Concern about Pegasus increased after Apple revealed in September that it had fixed a flaw that allowed spyware to infect devices without users clicking on a malicious link or message.

Smartphones infected with the Pegasus device allow the hacker to read the victim’s messages, look at their photos, track their location, and even turn on their camera without their knowledge.