Spyware hack

Human-rights group Amnesty International, which collaborated with Citizen Lab on the investigation, says it later confirmed a sample of Citizen Lab's findings through its own technology arm. Citizen Lab said it found evidence of incursions on the phones that occurred between July and November It said it could not identify who was responsible for deploying the Israeli-designed spyware. Known as Pegasus , the software has been purchased by state actors worldwide, some of whom have used the tool to surveil journalists.

In the El Salvador attack, the heavy focus on editors, reporters, and activists working inside that single Central American country points to a local customer with a particular interest in their activities, said Scott-Railton, a senior researcher at Citizen Lab.

Citizen Lab released a report on its findings on Wednesday. It said the administration is investigating the alleged hacking and had information that some top administration officials also might have had their phones infiltrated. Pegasus allows users to steal encrypted messages, photos, contacts, documents, and other sensitive information from infected phones without users' knowledge.

It can also turn handsets into eavesdropping devices by silently activating their cameras and microphones, according to product manuals reviewed by Reuters. NSO, which has long kept its client list confidential, declined to comment on whether El Salvador was a Pegasus customer.

The company said in a statement that it sells its products only to "vetted and legitimate" intelligence and law enforcement agencies to fight crime and that it is not involved in surveillance operations. Jessica Corbett. Multiple news outlets revealed Friday that Apple notified at least 11 U. State Department officials that their iPhones were recently hacked by an unknown party or parties with spyware developed by the private Israeli firm NSO Group.

The "bombshell," first reported by Reuters , comes after Apple sued NSO Group last month in an effort to protect iPhone users from its Pegasus spyware, which the Israeli company claims to only sell to government law enforcement and intelligence agencies and was the focus of a major reporting project earlier this year.

Citing multiple unnamed sources, The Washington Post and Reuters explained that State Department employees based in Uganda or elsewhere in East Africa were targeted over several months, and the intrusions "represent the widest known hacks of U. A senior Biden administration official, speaking on condition he not be identified, said the threat to U.

The official added that they have seen "systemic abuse" in multiple countries involving NSO's Pegasus spyware. The National Security Council said in a statement reported by the Post that "we have been acutely concerned that commercial spyware like NSO Group's software poses a serious counterintelligence and security risk to U. Spokespeople for Apple and the State Department declined to comment to Reuters , though the latter also noted that the Commerce Department recently added NSO Group to the Entity List "based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.

While officials at the Ugandan Embassy in Washington, D. An NSO Group spokesperson told the news agency that the relevant accounts were canceled and if an internal investigation finds that "these actions indeed happened with NSO's tools," the involved customers "will be terminated permanently and legal actions will take place.

John Scott-Railton, a senior researcher at the Citizen Lab at the University of Toronto, also responded to the revelations on Twitter, saying that NSO Group has been an "in-plain-sight national security threat for years" and it is "embarrassing that it took a private company to warn them. Does [the State Department] know now? A multi-agency investigation is immediately needed.

Ron Wyden D-Ore. Last month, Apple filed a lawsuit in a California-based U. Apple is seeking a permanent injunction to ban the firm from using its devices, services, or software. That suit came after the Pegasus Project —an investigation into NSO's spyware published in July by more than 80 journalists from 17 media organizations in 10 countries. The Circles technology differs from Pegasus in that it vacuums up data from the global phone network instead of planting spyware on specific devices.

The report claimed the Circles system had been in operation in El Salvador since Source link. Your email address will not be published. Save my name, email, and website in this browser for the next time I comment. Circles could not immediately be reached for comment. Leave a Comment Cancel Reply Your email address will not be published.