TO Following revelations by the press, the company NSO Group, maker of spy software Pegasus, announced Friday (December 3rd) the opening of an internal investigation, after learning that its software could be involved in spying on diplomats Americans in Africa. According to the press, the diplomats concerned would have received an alert on their phone, informing them that their devices had been contaminated by the software, capable of tapping its user and recovering all the data.
NSO Group indicated in a message sent to AFP that it had already suspended potentially affected customers “because of the seriousness of the charges”, without however identifying them. The group assures to have received “for the moment no information, telephone number or indication that the software of NSO was used in this business”. But he says he is ready “to cooperate with any competent governmental authority and to share all the information in his possession”.
An international media collective revealed this summer that Pegasus had made it possible to spy on the numbers of journalists, politicians, activists or business leaders from different countries, including French President Emmanuel Macron. But American diplomats seemed to have been spared, not least because Pegasus is, according to NSO, designed not to be able to be used on numbers starting with + 1, which is the telephone code of the United States.
According to the daily Washington post and Reuters, Pegasus was indeed used to infiltrate the iPhones of at least nine State Department employees based in Uganda or working primarily on issues related to East Africa. Washington had added NSO Group to its list of banned companies in early November.
The iPhone maker, which recently filed a lawsuit in the United States against NSO Group asking to permanently ban the Israeli company’s software on its devices, declined to comment on Friday.
Soon after the revelations this summer, he fixed a computer vulnerability exploited by Pegasus that allowed spying on people without users even having to click on trapped links or messages. Apple had indicated at the time of filing its complaint that it would inform the “small number” of users who may have been targeted by this type of attack.