The apparent hack targeted US diplomats based in Uganda or officials whose work focused on the country.
At least nine US State Department employees’ phones were hacked using software developed by Israeli cybersurveillance firm NSO Group, Reuters reported on Friday.
Citing sources familiar with the apparent cyberattack, the news agency reported the spyware targeted US diplomats based in Uganda or officials whose work focused on the country. Apple alerted the State Department employees, at least some of whom were American citizens, that their devices had been infected in recent months.
Reuters did not determine who was responsible for the intrusion.
NSO has been engulfed in controversy following revelations that its military-grade spyware has been used to successfully hack the smartphones of journalists, politicians, activists and business leaders around the world. Researchers say Pegasus, NSO’s signature software, can be used to remotely access a phone’s contents, camera and microphone.
The Israeli firm says it only licenses its surveillance tools to foreign governments requiring them to fight terrorism and other crime.
In a statement to Reuters, NSO said it wasn’t aware of its surveillance tools being used in the alleged State Department hack. A spokesperson said if an investigation determines otherwise, NSO would terminate that customer.
NSO has previously said that its surveillance software doesn’t work on phones with the US +1 country code. However, Reuters reports that the hacked State Department phones were registered to foreign telephone numbers.
The US Embassy in Uganda did not immediately return a request for comment.
A State Department spokesperson told Al-Monitor in emailed comments, “While we are unable to confirm, generally speaking the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected.”