NSO Group
NSO Group REUTERS/Amir Cohen/File Photo

Apple iPhones of at least nine US State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, four people familiar with the matter told Reuters on Friday.

The hacks, which took place in the last several months, hit US officials either based in Uganda or focused on matters concerning the East African country, two of the sources said.

NSO Group said in a statement on Thursday that it did not have any indication their tools were used but canceled the relevant accounts and would investigate based on the Reuters inquiry.

"If our investigation shall show these actions indeed happened with NSO's tools, such customer will be terminated permanently and legal actions will take place," said an NSO spokesperson, who added that NSO will also "cooperate with any relevant government authority and present the full information we will have."

NSO has said it only sells its products to government law enforcement and intelligence clients, helping them to monitor security threats, and is not directly involved in surveillance operations.

Officials at the Uganda embassy in Washington did not comment. A spokesperson for Apple declined to comment.

The US Commerce Department recently blacklisted NSO Group, prohibiting it from using American technology in its operations.

A State Department spokesperson declined to comment on the intrusions, instead pointing to the Commerce Department's recent decision to place the Israeli company on the entity list, making it harder for US companies to do business with them.

Apple sued the Israeli firm in late November, seeking a permanent injunction to ban NSO Group from using Apple software, services, or devices.

In a public response, NSO has said its technology helps stop terrorism and that they've installed controls to curb spying against innocent targets.

For example, NSO says its intrusion system cannot work on phones with US numbers beginning with the country code +1.

But in the Uganda case, the targeted State Department employees were using iPhones registered with foreign telephone numbers, said two of the sources, without the US country code.

A senior Biden administration official, speaking on condition he not be identified, said the threat to US personnel abroad was one of the reasons the administration was cracking down on companies such as NSO and pursuing new global discussion about spying limits.

The Israeli embassy in Washington said that targeting American officials would be a serious breach of its rules.

"Cyber products like the one mentioned are supervised and licensed to be exported to governments only for purposes related to counter-terrorism and severe crimes," an embassy spokesperson said. "The licensing provisions are very clear and if these claims are true, it is a severe violation of these provisions."

(Arutz Sheva’s North American desk is keeping you updated until the start of Shabbat in New York. The time posted automatically on all Arutz Sheva articles, however, is Israeli time.)

Did you find a mistake in the article or inappropriate advertisement? Report to us