Security News

The US National Counterintelligence and Security Center and the Department of State have jointly published guidance on defending against attacks using commercial surveillance tools. Tips shared in the joint advisory are designed to help people at risk of being targeted by surveillance campaigns block attempts to track their location, record their conversations, and harvest their personal information and online activity using mercenary spyware deployed on their mobile devices.

Kaspersky researchers said in a Thursday report that from Jan. 20 to Nov. 10, the actors behind the vast campaign were targeting government organizations and industrial control systems across a range of industries, including engineering, building automation, energy, manufacturing, construction, utilities and water management. The operators behind PseudoManuscrypt are using fake pirated software installer archives to initially download the spyware onto targets' systems.

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter [PDF] signed by US Senator Ron Wyden, House Intelligence Committee Chairman Adam Schiff, and 16 others, the legislators urge Secretary of the Treasury Janet Yellen and Secretary of State Antony Blinken to apply sanctions to the NSO Group, UAE-based DarkMatter Group, and EU-based Nexa Technologies and Trovicor, under the Global Magnitsky Act.

NSO Group's descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees.

An unknown assailant planted NSO Group's Pegasus spyware on the iPhones of at least nine U.S. State Department employees, according to four of Reuters' sources who are familiar with the matter. Two of Reuters' sources said that the targeted State Department employees were using iPhones registered with foreign telephone numbers, without the U.S. country code.

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the country are said to have singled out using iPhones registered to their overseas phone numbers, although the identity of the threat actors behind the intrusions, or the nature of the information sought, remains unknown as yet.

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as ScarCruft, also known as APT37, Reaper Group, InkySquid, and Ricochet Chollima. "The actor utilized three types of malware with similar functionalities: versions implemented in PowerShell, Windows executables and Android applications," the company's Global Research and Analysis Team said in a new report published today.

The complaint alleges that the maker of the infamous Pegasus mobile spyware is responsible for the illegal surveillance of Apple users. "In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place," said Ivan Krstić, head of apple security engineering and architecture, in an Apple statement, issued Monday.

Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. "State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Craig Federighi, Apple's senior vice president of Software Engineering in a statement.