iPhones of US diplomats hacked using “0-click” exploits from embattled NSO
The iPhones of nine US State Department officials were infected by powerful and stealthy malware developed by NSO Group, the Israeli exploit seller that has come under increasing scrutiny for selling its wares to journalists, lawyers, activists, and US allies.
The US officials, either stationed in Uganda or focusing on issues related to that country, received warnings like this one from Apple informing them their iPhones were being targeted by hackers. Citing unnamed people with knowledge of the attacks, Reuters said the hackers used software from NSO.
— Norbert Mao (@norbertmao) November 24, 2021
No clicking required
As previously reported, NSO software known as Pegasus uses exploits sent through messaging apps that infect iPhones and Android devices without requiring targets to click links or take any other action. From there, the devices run hard-to-detect malware that can download photos, contacts, text messages, and other data. The malware also allows the operator to listen to audio and view video in real time.