Saturday, December 4, 2021 19:10 PM (GMT+7)
This incident is the largest-scale intrusion against US officials using NSO Group technology.
Over the past few months, the iPhones of at least nine US diplomats working in Uganda or focusing on matters related to this African country have been hacked. This incident is the largest-scale intrusion against US officials using NSO Group technology. Previously, certain individuals, including some US officials, were on the alert list of potential targets of software developed by NSO.
It is not clear who is behind these attacks.
NSO Group said it has not seen any signs that the company’s technology has been used to hack the phones of US diplomats, but has canceled the access of relevant customers and will conduct an investigation.
According to this company, if the investigation results show that the intruder used NSO’s tools, the company will permanently terminate the relationship with those customers and take legal action, and cooperate and file a complaint. disclose all information to the governments of the countries concerned.
Previously, NSO had always said that the company only sold its products to law enforcement and intelligence customers to monitor security threats, but the company was not directly involved in the campaign. any tracking.
Staff at the Ugandan embassies in Washington and Apple both declined to comment. A US State Department spokesman declined to comment on the attack, but reiterated that the US Commerce Department recently placed NSO Group on the Entity List – a list that restricts trade to individuals. certain individuals and organizations.
According to a statement by the US Department of Commerce, NSO Group and another spyware company were added to the Entity List “for developing and providing spyware to foreign governments, [cho phép các chính phủ này] uses software to target officials, journalists, business people, activists, academics and embassy staff.”
Target identification via email
NSO’s software can not only collect encrypted messages, photos, and other sensitive information from a compromised phone, but it can also turn the phone into a recording tool to monitor the environment. around.
The targets alerted by Apple included US citizens and were easily identified as US government employees, because the email they used for their Apple accounts ended in state.gov. The phones of these people and targets in other countries alerted by Apple were all compromised through a graphics processing flaw that Apple didn’t know about and fixed until September 2021, according to the source. by Reuters.
A threat notice Apple sends to iPhone phones. Source: Norbert Mao’s Twitter.
Since at least February 2021, this vulnerability has allowed some NSO customers to hack into a target’s iPhone simply by sending an unsolicited iMessage message containing malicious code. Even if the victim does not see or interact with the message, it will be compromised. The NSO’s Pegasus tracking software was then installed on the target’s phone.
Last week, Apple announced it would notify targets hit by NSO software, the same day Apple sued the spyware company. Responding to that move, NSO said that the tracking technology it developed helped prevent terrorism, and that the company itself controls the software to reduce the chance of innocent people being targeted. For example, NSO says that tracking software cannot work on phones with a +1 prefix in the US.
But in the case of Uganda, the hacked diplomats used iPhones with foreign phone numbers and no +1 prefix.
An unnamed senior official working in the Biden administration said the danger to US government employees working abroad is one of the many reasons the US government is aggressively clamping down on companies like NSO and NSO. strengthening towards a new global order of limits in intelligence.
The official added that the US government has documented “systematic abuse” of NSO’s Pegasus tracking software in many countries. Some of NSO’s past well-known clients include Saudi Arabia, the UAE, and Mexico.
The Israeli Embassy in Washington stated that targeting US government employees would seriously violate Israeli regulations. Accordingly, software products like NSO’s are strictly monitored and are only allowed to be exported for anti-terrorism and serious crime purposes.
This is a guide for VNPT’s Mobile Money service, with other units (Viettel and MobileFone) may differ.