Hackers Use Pegasus Spyware to Break Into US State Department Phones

Buidling of the US department of State. Hackers use Pegasus spyware to break into US State Department phones

In the last couple of months, an unknown perpetrator gained access to iPhones of at least nine employees of the United States Department of State (Department of State, DOS). To do so, the criminal used Pegasus, a sophisticated spyware product developed by the Israeli cyber arms company NSO Group.

Military-Grade Pegasus Spyware

NSO Group has repeatedly explained that governments, the military, intelligence agencies, and law enforcement use their spyware tool, Pegasus, to track down suspected terrorists and criminals. Moreover, they claim that they don’t have any knowledge of how their clients use its software or who they’re targeting. As a result, they can’t be blamed for it.

However, security researchers and journalists worldwide have exposed major issues with Pegasus. Unknown perpetrators used the military-grade spyware tool to break into the phones of business people, heads of state, journalists, and activists, for example. They also hacked phones belonging to at least two people close to Jamal Khashoggi, a journalist who was brutally assassinated at the Saudi consulate in Istanbul.

Various Methods of Infection

Unfortunately, most people wouldn’t even know if their smartphone was infected. This is because there are various mechanisms hackers can use to install Pegasus on victims’ phones. Some methods involve a text message with an infected link. If people click on this link, malicious software compromises the device. Thus, enabling hackers to access the victim’s camera, messages, and sensitive data.

More concerning are zero-click attacks. In this case, cybercriminals exploit software vulnerabilities to infect someone’s device without any user intervention. This is what happened with a small number of iPhone users in the past. Apple recently filed a lawsuit against NSO Group to hold them accountable for these attacks.

US State Department Phones Hacked

The latest security incident, reported first by Reuters, involves the phones of nine people who worked in Uganda on behalf of the United States Department of State or focused on matters concerning the country. Reuters was unable to determine who’s behind these attacks.

In a statement released on Friday night, NSO Group explained again that their tools are “incapable of being installed on US (+1) numbers” and that this case doesn’t involve US phone numbers. However, the statement doesn’t address whether or not hackers can break into phones belonging to US officials with foreign-registered numbers.

Further Investigations Pending

NSO Group claimed they took immediate action. Apparently, they have shut down all customers potentially connected to the case. NSO also confirmed that they would investigate the matter and cooperate with any relevant government authorities.

“If the allegations turn out to be true, they are a blunt violation of all commitments and agreements that company has with its customers, and the company will take legal action against these customers.”

NSO Group Blacklisted

The United States Department of State has not provided any comments. A spokesperson did, however, point to the fact that the US recently placed NSO Group on a blacklist after they determined that the company engages in activities that are contrary to US security interests. As a result, it is extremely difficult for American entities to do business with the company.

NSO Group is also under fire in Israel itself. In November, the Israeli Ministry of Defense limited the number of countries that companies based in Israel can export software tools to. Israel reduced the number of countries from 102 to just 37. The updated list no longer includes countries such as Morocco, Mexico, the UAE, or Saudi Arabia.

IT communication specialist
Sandra has many years of experience in the IT and tech sector as a communication specialist. She's also been co-director of a company specializing in IT, editorial services and communications project management. For VPNoverview.com she follows relevant cybercrime and online privacy developments. She rigorously tests the quality of VPN services using VPNOverview.com's dedicated VPN testing protocol that has been finetuned and optimized over the years.