Tag Archives: hack

Business

Former WSJ reporter says law firm used Indian hackers to sabotage his career

Leave a comment

WASHINGTON, Oct 15 (Reuters) – A former Wall Street Journal reporter is accusing a major U.S. law firm of having used mercenary hackers to oust him from his job and ruin his reputation.

In a lawsuit filed late Friday, Jay Solomon, the Journal’s former chief foreign correspondent, said Philadelphia-based Dechert LLP worked with hackers from India to steal emails between him and one of his key sources, Iranian American aviation executive Farhad Azima.

Solomon said the messages, which showed Azima floating the idea of the two of them going into business together, were put into a dossier and circulated in a successful effort to get him fired.

Register now for FREE unlimited access to Reuters.com

The lawsuit, filed in federal court in Washington, said Dechert “wrongfully disclosed this dossier first to Mr. Solomon’s employer, the Wall Street Journal, at its Washington DC bureau, and then to other media outlets in an attempt to malign and discredit him.” It said the campaign “effectively caused Mr. Solomon to be blackballed by the journalistic and publishing community.”

Dechert did not immediately return a message seeking comment. Azima – who filed his own lawsuit against Dechert on Thursday in New York – did not immediately return a message. read more

Solomon’s suit is the latest in a series of legal actions that follows Reuters’ reporting about hired hackers operating out of India. In June, Reuters reported on the activities of several hack-for-hire shops, including Delhi area-companies BellTroX and CyberRoot, that were involved in a decade-long series of espionage campaigns targeting thousands of people, including more than 1,000 lawyers at 108 different law firms.

At the time, Reuters reported that people who had become hacking targets while involved in at least seven different lawsuits had each launched their own inquiries into the cyberespionage campaign.

That number has since grown.

Azima, Solomon’s former source, is among those who have gone to court over the alleged hacking. His lawyers, like Solomon’s, allege that Dechert worked with BellTroX, CyberRoot and a slew of private investigators to steal his emails and publish them to the web.

BellTroX and CyberRoot are not parties to the suit and could not immediately be reached. Executives at both firms have previously denied wrongdoing.

Solomon and Azima allege that Dechert undertook the hack-and-leak operation in the interest of its client, Sheikh Saud bin Saqr al-Qasimi, ruler of the Middle Eastern emirate of Ras Al Khaimah. Reuters has reported that lawyers for Ras Al Khaimah’s investment agency – RAKIA – used the emails to help win a fraud lawsuit filed against Azima in London in 2016.

Azima, who denies RAKIA’s fraud allegations, is trying to have the judgment thrown out.

In addition to being deployed in court, the leaked emails also made their way to The Associated Press, which published two articles about Azima in June of 2017, including one that revealed the airline mogul had offered reporter Solomon a minority stake in a company he was setting up. The Journal fired Solomon shortly before the AP’s story was published, citing ethical violations.

Solomon says he never took Azima up on his proposal or benefited financially from their relationship. In a first-person account of the scandal published in the Columbia Journalism Review in 2018, the ex-journalist said he never pushed back on Azima’s talk of business opportunities because he was trying to humor a man who had been crucial to his reporting on the Middle East. Solomon acknowledged “serious mistakes in managing my source relationship with Azima” but said he had been the target of an “incredibly effective” information operation.

The Journal, which is not a party to suit, declined comment. The AP did not immediately return a message.

Solomon won several awards for his work as a foreign correspondent before his firing. He declined to provide an on-the-record comment about the lawsuit, but in his 2018 account he called the episode a warning for journalists.

“Leaks and hacks of emails and correspondences can blow up intricate reporting and derail months, if not years, of work,” he said.

Register now for FREE unlimited access to Reuters.com

Reporting by Raphael Satter; Editing by David Gregorio

Our Standards: The Thomson Reuters Trust Principles.

Read original article here

Health

Is this a useful hack for those with sleep apnea?

Leave a comment

Like Scott of Essential Craftsman, I suffer from sleep apnea. Also, like Scott, I often thought of altering my CPAP machine (when I was using one). But my fantasy “improvements” were more along the lines of redesigning the mask to make it easier to wear or at least decorating it to make it look less like dire hospital equipment.

Like many CPAP users, Scott loathed his mask and the whole rigamarole of using it. He was complaining to a friend who joked: “Why don’t you just put tape over your mouth?” Scott took him seriously and started experimenting with different ways of taping his mouth shut and not using his machine. He landed on a non-aggressive medical tape, cut with small air slits.

He’s been monitoring his nighttime health ever since with an Apple Watch and a sleep health app and claims his improved stats speak from themselves. An interesting experiment, to be sure.

Fun CPAP side note: When I got my sleep apnea diagnosis, I started doing research on people coping with the machine and looking for any CPAP alternatives. On a forum, I read a really touching story about a couple. The man was diagnosed with apnea and got the machine. He hated it. His partner hated it, too, and it started causing strife in their relationship. The machine kept him up more than allowed him to sleep. And during that insomnia, he discovered that she showed signs of apnea. She had the sleep test, and sure enough, apnea. Now, they both went to bed at night with a CPAP facehugger strapped to their heads. They eventually adjusted and decided to have some fun with it. They decorated their masks to look like jet fighter masks and they’d go to bed each night imagining that they’re jet pilots. “Ready for take-off, honey?” “Roger that.”

Thumbnail: Screen grab from video, Essential Craftsman, Scott Wadsworth


Read original article here
US

LAUSD hack: Criminal group releases sensitive data after district refuses to pay ransom

Leave a comment

LOS ANGELES (KABC) — Hackers have released data stolen in a cyberattack against the Los Angeles Unified School District, Superintendent Alberto Carvalho confirmed Sunday.

“Unfortunately, as expected, data was recently released by a criminal organization,” Carvalho said in a statement. “In partnership with law enforcement, our experts are analyzing the full extent of this data release.”

The data was released Saturday — two days before a deadline previously given by the hackers — after Carvalho’s stated refusal to pay ransom to an international hacking syndicate.

The group claiming responsibility for the cyberattack had previously set a Monday deadline for the district pay a ransom to the organization.

In a dark web post detected and reprinted by Brett Callow of the cybersecurity firm Emsisoft, the hacking syndicate Vice Society listed the LAUSD as one of “our partners,” and stated, “The papers will be published by London time on October 4, 2022 at 12:00 a.m.”

The post did not give any indication about what information had been obtained or what would be published.

Carvalho previously acknowledged that the district received a ransom demand from the group responsible for the Labor Day weekend hack — which he declined to name.

“We can acknowledge … that there has been communication from this actor (hacker) and we have been responsive without engaging in any type of negotiations,” he told reporters. “With that said, we can acknowledge at this point … that a financial demand has been made by this entity. We have not responded to that demand.”

He did not provide specifics about the demand.

Carvalho told the Los Angeles Times on Friday that the district would not pay the ransom demand or negotiate with the hackers.

“What I can tell you is that the demand — any demand — would be absurd,” he told the Times. “But this level of demand was, quite frankly, insulting. And we’re not about to enter into negotiations with that type of entity.”

A hotline will be available starting Monday at 6:00 a.m.

“This hotline will assist those from our school communities who may have questions or need additional support,” Carvalho said.

The telephone number for the incident response hotline is (855) 926-1129. Hours of operation will be 6:00 a.m. to 3:30 p.m., Monday through Friday, excluding major U.S. holidays.

City News Service contributed to this report.

Copyright © 2022 KABC Television, LLC. All rights reserved.



Read original article here

Business

Salesforce will keep working on security after Uber hack

Leave a comment

Marc Benioff, founder, chairman and co-CEO of Salesforce, speaks at an Economic Club of Washington luncheon in Washington on October 18, 2019.

Nicholas Kamm | AFP | Getty Images

Salesforce co-CEO Marc Benioff said the cloud software company has much more to do in the area of cybersecurity following an attack at Uber involving Salesforce’s Slack chat app.

Uber said on Monday that it believed a hacking group dubbed Lapsus$ was behind a cyberattack last week and noted that other victims of the group’s attacks this year included Cisco, Nvidia, Okta and Samsung. Microsoft also said that Lapsus$ had accessed one of its accounts.

related investing news

Pro Picks: Watch all of Monday’s big stock calls on CNBC

According to Uber, the attacker probably bought a company contractor’s password on the dark web after a malware attack, and the contractor accepted a two-factor authentication request. The attacker downloaded some Slack messages and posted a note to a Slack channel that “many of you saw,” the ride-sharing company said.

Hackers often use so-called social engineering, which involves exploiting trusted individuals rather than just going after hardware and software.

“There’s no finish line when it comes to security and social engineering,” Benioff said during a press conference at Salesforce’s Dreamforce conference in San Francisco on Tuesday. “There’s things that we’re going to need to do to help our customers prevent these kinds of issues.”

Salesforce has seen its systems exploited in the past. In 2007, a hacker reportedly obtained email addresses stored in Salesforce and used them to go after clients of Automatic Data Processing and other Salesforce customers. And in June, Salesforce’s Heroku unit said a hacker had obtained account passwords and some source code.

“We’ve been through almost every possible situation,” Benioff said. “There’s a lot for us to do in perpetuity, and we’re going to just keep working on it.”

Most of the company’s engineering team works on security and trust, said Bret Taylor, Salesforce’s other co-CEO. Taylor said that trust was one of Salesforce’s original values when the company was founded in 1999.

WATCH: Salesforce was born in the 2001 recession, says chairman and co-CEO Marc Benioff

Read original article here

Business

Chipotle puts a stop to ‘hack’ that allowed customers to order $3 burritos

Leave a comment

(NEXSTAR) – It was fun while it lasted, Chipotle fans.

Chipotle has confirmed that guests will no longer be able to take advantage of an online “hack” that gained popularity on social media, as it resulted in a “poor experience” for employees and customers in the restaurants.

Users who had partaken in the “hack,” as it was referred to on social media, had instructed their followers to use Chipotle’s online ordering platforms to place an order for a single taco with all of the free toppings on the side, along with a tortilla. By doing so, many users claimed they could construct what essentially amounted to an entire burrito (or burrito bowl) for around $3 and change.

When ordered the traditional way, burritos generally cost upwards of $9, depending on proteins and add-ons, according to the Chipotle website.

As first reported by Insider, Chipotle disabled the online option to order a single taco earlier this week.

“Guests are currently unable to order a single taco from our online ordering systems,” said Laurie Schalow, the chief corporate affairs officer for Chipotle, in a statement shared with Nexstar. “While we have long embraced customizations and even released our own hack menu, the current social media trend is resulting in a poor experience for our food, our employees and our customers waiting for orders.”

Workers at several Chipotle locations across the U.S. told Insider that having to fulfill these orders would slow down the entire restaurant. The item itself also wasted more packaging and single-use plastic cups than a traditional burrito order.

One manager, from Ohio, even told Insider that customers would get “aggressive” with employees when they were given the appropriate-sized sides for a taco (rather than the larger sides provided in burrito orders), even though they were technically only entitled to the smaller taco-sized portions.

“It was just annoying for everyone,” she said, in part, in a statement to Insider.

Meanwhile, Schalow indicated in her statement that Chipotle isn’t against all menu “hacks” on social media, pointing to three that Chipotle itself shared on TikTok in 2020. But each of these “hacks” — for ordering nachos, a taco salad or a seven-layer dip — were aimed at helping customers create off-menu items, rather than cheaper versions of current menu items.

Chipotle customers who still wish to order tacos, meanwhile, can still do so in-person, Schalow told Nexstar.

Read original article here

Health

Man Shares How a Bowl of Water Can Vacuum-Seal Any Ziploc Bag and TBH We Can’t Believe Our Eyes

Leave a comment

Sometimes we see a hack that we don’t see much use for, at first, but wind up either being simply too cool not to feature, or that has some secret benefits that we simply don’t notice at first. Sometimes it can be a funny fail that reveals something interesting, or even a bit of knowledge we might have already known but brings more insight to what we already have.

It could be something as weird as ‘spray-painting’ feet, or as basic as… vacuum sealing a zip lock bag?

WATCH VIDEO HERE

So yes, this is apparently a thing. Luckily for us, Sidney Raz over on TikTok took up the challenge of proving it for us so that we didn’t have to go grab a bag and some water to try it out for ourselves.

The video starts with him being a little skeptical (aren’t we all?) before getting out some berries, a small Ziploc bag, and a bowl of water. The bag is filled and then almost completely sealed, leaving only the smallest gap to let air escape. Next Sidney dips the bag into the water, then has to do a second take because he apparently has to go run and grab a towel, just in case the water starts to leak over the edges.

When he finally starts to press the bag into the water, the trick starts to work! The water presses up against the berries through the bag, shoving all air to the top and eventually out of the bag. From there, the last bit of air can be pushed out and the zip lock fully sealed, preventing it from returning. This leaves the berries pretty much vacuum sealed into the bag, all without having to invest in some fancy machine that sucks all the air out!

Now, while we didn’t think this would work as well as it did, we do have to appreciate the ingenuity behind it, and you can bet that we will start using it ourselves ASAP!

Read original article here

US

Donald Trump says Mitch McConnell should do more to help Republicans get elected: ‘Broken down political hack’

Leave a comment

NEWYou can now listen to Fox News articles!

Former President Donald Trump went after Sen. Mitch McConnell, R-Ky., over social media for expressing skepticism around Republicans’ chances of retaking congressional majorities in the November midterms.

In a post on Truth Social, Trump called the Senate minority leader a “broken down political hack” and challenged his party loyalty.

“Why do Republicans Senators allow a broken down hack politician, Mitch McConnell, to openly disparage hard working Republican candidates for the United States Senate,” Trump asked.

Former U.S. President Donald Trump speaks at the Conservative Political Action Conference (CPAC) at the Hilton Anatole on August 06, 2022, in Dallas, Texas. 
(Brandon Bell/Getty Images)

He added: “This is such an affront to honor and to leadership. He should spend more time (and money!) helping them get elected, and less time helping his crazy wife and family get rich on China!”

TRUMP CLAIMS PROTESTING GEORGIA ELECTION PUTS ‘YOU IN JAIL’ WHILE MURDERERS ARE ‘QUICKLY’ SET FREE

The comment comes as McConnell suggested Thursday that he did not think Republicans would retake the Senate, as “candidate quality has a lot to do with the outcome.” He said his party may fare better in reclaiming the U.S. House.

“I think there’s probably a greater likelihood the House flips than the Senate,” the minority leader told the Northern Kentucky Chamber of Commerce. “Senate races are just different, they’re statewide. Candidate quality has a lot to do with the outcome.”

“Right now, we have a 50-50 Senate and a 50-50 country, but I think when all is said and done this fall, we’re likely to have an extremely close Senate. Either our side up slightly or their side up slightly,” he added.

The comment was widely criticized by conservatives, including Fox News host Sean Hannity.

“Democrats are painting Republican Senate candidates in upcoming elections and midterms as cruel and out of touch,” Hannity said during his Friday show. “Well, apparently Senate Minority Leader Mitch McConnell is content to leave them out to dry and fend for themselves.”

MCCONNELL MAKES GRIM PREDICTION ABOUT REPUBLICANS IN SENATE RACES, REFERENCES ‘CANDIDATE QUALITY’

“Listen to these comments, they’re very encouraging,” he added, before playing a clip of McConnell’s comments.

Hannity continued: “How about you get out there, Mitch, and fight for your team? What’s your agenda, Mitch, or would you rather just sit by and watch helplessly as Democrats lie to your face, pass another $500 billion green energy boondoggle?”

CLICK HERE FOR THE FOX NEWS APP

The Fox News host concluded: “His term as a leader needs to come to an end.”

McConnell’s shaky optimism comes as Republican senatorial candidates Blake Masters of Arizona, Herschel Walker of Georgia, and Mehemt Oz of Pennsylvania are trailing in their respective races. Sen. Ron Johnson, R-WI, also trails in his re-election effort. 

Read original article here

Business

Cryptoverse: Blockchain bridges fall into troubled waters

Leave a comment

Representations of cryptocurrency Bitcoin, Ethereum and Dash plunge into water in this illustration taken, May 23, 2022. REUTERS/Dado Ruvic/Illustration

Register now for FREE unlimited access to Reuters.com

Register

Aug 9 (Reuters) – Another day, another hack – and another blockchain bridge burned.

When thieves stole an estimated $190 million from U.S. crypto firm Nomad last week, it was the seventh hack of 2022 to target an increasingly important cog in the crypto machine: Blockchain “bridges” – strings of code that help move crypto coins between different applications. read more

So far this year, hackers have stolen crypto worth some $1.2 billion from bridges, data from London-based blockchain analysis firm Elliptic shows, already more than double last year’s total.

Register now for FREE unlimited access to Reuters.com

Register

“This is a war where the cybersecurity firm or the project can’t be a winner,” said Ronghui Hu, a professor of computer science at Columbia University in New York and co-founder of cybersecurity firm CertiK.

“We have to protect so many projects. For them (hackers) when they look at one project and there’s no bugs, they can simply move on to the next one, until they find a one weak point.”

At present, most digital tokens run on their own unique blockchain, essentially a public digital ledger that records crypto transactions. That risks projects using these coins becoming siloed, reducing their prospects for wide use.

Blockchain bridges aim to tear down these walls. Backers say they will play a fundamental role in “Web3” – the much-hyped vision of a digital future where crypto’s enmeshed in online life and commerce.

Yet bridges can be the weakest link.

The Nomad hack was the eighth-biggest crypto theft on record. Other thefts from bridges this year include a $615 million heist at Ronin, used in a popular online game, and a $320 million theft at Wormhole, used in so-called decentralised finance applications. read more

“Blockchain bridges are the most fertile ground for new vulnerabilities,” said Steve Bassi, co-founder and CEO of malware detector PolySwarm.

Reuters Graphics

ACHILLES HEEL

Nomad and others companies that make blockchain bridge software have attracted backing.

Just five days before it was hacked, San Francisco-based Nomad said it had raised $22.4 million from investors including major exchange Coinbase Global (COIN.O). Nomad CEO and co-founder Pranay Mohan called its security model the “gold standard.”

Nomad did not respond to requests for comment.

It has said it is working with law enforcement agencies and a blockchain analysis firm to track the stolen funds. Late last week, it announced a bounty of up to 10% for the return of funds hacked from the bridge. It said on Saturday it had recovered over $32 million of the hacked funds so far.

“The most important thing in crypto is community, and our number one goal is restoring bridged user funds,” Mohan said. “We will treat any party who returns 90% or more of exploited funds as a white hats. We will not prosecute white hats,” he said, referring to so-called ethical hackers.

Several cyber security and blockchain experts told Reuters that the complexity of bridges meant they could represent an Achilles’ heel for projects and applications that used them.

“A reason why hackers have targeted these cross-chain bridges of late is because of the immense technical sophistication involved in creating these kinds of services,” said Ganesh Swami, CEO of blockchain data firm Covalent in Vancouver, which had some crypto stored on Nomad’s bridge when it was hacked.

For instance, some bridges create versions of crypto coins that make them compatible with different blockchains, holding the original coins in reserve. Others rely on smart contracts, complex covenants that execute deals automatically.

The code involved in all of these can contain bugs or other flaws, potentially leaving the door ajar for hackers.

BUG BOUNTIES

So how best to address the problem?

Some experts say audits of smart contracts could help to guard against cyber thefts, as well as “bug bounty” programmes that incentivise open-sourced reviews of smart contract code.

Others call for less concentration of control of the bridges by individual companies, something they say could bolster resiliency and transparency of code.

“Cross-chain bridges are an attractive target for hackers because they often leverage a centralized infrastructure, most of which lock up assets,” said Victor Young, founder and chief architect at U.S. blockchain firm Analog.

Register now for FREE unlimited access to Reuters.com

Register

Reporting by Tom Wilson in London and Medha Singh in Bengaluru; Editing by Pravin Char

Our Standards: The Thomson Reuters Trust Principles.

Read original article here

Technology

TikToker’s Theft Recovery iPhone Hack Sparks Debate

Leave a comment

A TikToker’s viral theft-recovery iPhone hack sparked debate in the comments about whether knowing the location of a stolen device is helpful if there’s no way to retrieve it.

The creator, Katrina Audrey (@katrinaforeal), shared her own iPhone theft story and walked users through a step-by-step process of how to find your iPhone’s location, even if the device has been turned off. Her video has received over 11.5 million views.

“You need to do this iPhone hack in case your phone gets stolen because mine did last night, and I actually got it back,” Katrina says. She adds that she learned the hack from @reviewingtech on Instagram.

@katrinaforeal #iphonehack #iphonehacks #stolenphonecheck #stolenphone #iphonetricksandtips #iphonetricks #iphonetricksandhacks #BigInkEnergy ♬ Beat Automotivo Tan Tan Tan Viral – WZ Beat

“First step go to Face ID and Passcode, you want to toggle off Control Center and USB Accessories,” Audrey explains. “Toggle on Location Services, Find my iPhone, and make sure to toggle on all three of these [she’s referring to Find my iPhone, Find my Network, and Send Last Location].”

This process requires the user to sign into any other iOS device with their apple ID and then remotely manage the settings of their stolen iPhone from the secondary device in order for this method to work.

Katrina continues, “This allows your phone, even when it’s off or on airplane mode to still be findable. Whoever stole my phone last night literally was out all night.” She then shows a screenshot of a map of Chicago that showed the trajectory of her phone’s path through a series of tracked steps.

“Look at what they went through in the city of Chicago,” she says. “South Side, North Side, they ended up going back to Gurney, Illinois. This is the address that they had it at, nice little place isn’t it?” The TikToker then showed an image of the home that was allegedly housing her stolen iPhone.

Katrina called the Gurney Police Department and gave them the address of the house. She says the police went to the home and retrieved her phone.

The FCC reports that 68% of phone theft victims are ultimately unable to recover their stolen devices. The agency wrote, “the reality is that whether your smartphone is white, black, or gold, it is now almost 30 times more valuable per ounce than a block of solid silver — and almost as easy to convert discreetly into cash.”

Despite Katrina’s tips, many TikTokers expressed that they’ve had difficulty recovering stolen phones and items from local police departments. The comments section was rife with criticism of the work authorities perform, or lack thereof rather, in obtaining these pilfered items.

“The fact the police actually listened and went to the location has me skeptical,” one user said. “Police straight up told me “and?” When I told them where my phone was.”

“That’s wild because when I called the police here in San Francisco and told them I knew the exact house it was in, they said take it as a loss,” another shared.

“That’s nice that the police department helped,” a third offered. When I tracked my husband’s iPhone the police made us get out of the neighborhood bc it was dangerous.”

One user said they took matters into their own hands, side-stepping any bureaucratic action. “This just happened with my phone a week ago,” they wrote. “But I didn’t call the cops, I just rolled up on the house.”

Some folks were left a bit confused by Katrina’s TikTok as she went through the step-by-step directions rather quickly. Commenters came to the rescue.

“Settings > Face ID and Passcode > Control Center & USB OFF, Privacy > Location services ON, then Apple ID > Find My > Find My iPhone TOGGLE ALL ON,” one user wrote.

“Use someone else’s phone and sign into your apple ID on the find my iphone app and then all your apple devices will be shown,” another noted.

The Daily Dot has reached out to Katrina on TikTok for further comment.

Today’s top stories

*First Published: Aug 7, 2022, 3:50 pm CDT

Jack Alban

Jack Alban is a freelance journalist for the Daily Dot covering trending human interest/social media stories and the reactions real people have to them. He always seeks to incorporate evidence-based studies, current events, and facts pertinent to these stories to create your not-so-average viral post.



Read original article here

World

EXCLUSIVE EU found evidence employee phones compromised with spyware -letter

Leave a comment

July 27 (Reuters) – The European Union found evidence that smartphones used by some of its staff were compromised by an Israeli company’s spy software, the bloc’s top justice official said in a letter seen by Reuters.

In a July 25 letter sent to European lawmaker Sophie in ‘t Veld, EU Justice Commissioner Didier Reynders said iPhone maker Apple had told him in 2021 that his iPhone had possibly been hacked using Pegasus, a tool developed and sold to government clients by Israeli surveillance firm NSO Group.

The warning from Apple triggered the inspection of Reynders’ personal and professional devices as well as other phones used by European Commission employees, the letter said.

Register now for FREE unlimited access to Reuters.com

Register

Though the investigation did not find conclusive proof that Reynders’ or EU staff phones were hacked, investigators discovered “indicators of compromise” – a term used by security researchers to describe that evidence exists showing a hack occurred.

Reynders’ letter did not provide further detail and he said “it is impossible to attribute these indicators to a specific perpetrator with full certainty.” It added that the investigation was still active.

Messages left with Reynders, the European Commission, and Reynders’ spokesman David Marechal were not immediately returned.

An NSO spokeswoman said the firm would willingly cooperate with an EU investigation.

“Our assistance is even more crucial, as there is no concrete proof so far that a breach occurred,” the spokeswoman said in a statement to Reuters. “Any illegal use by a customer targeting activists, journalists, etc., is considered a serious misuse.”

NSO Group is being sued by Apple Inc (AAPL.O) for violating its user terms and services agreement.

LAWMAKERS’ QUESTIONS

Reuters first reported in April that the European Union was investigating whether phones used by Reynders and other senior European officials had been hacked using software designed in Israel. Reynders and the European Commission declined to comment on the report at the time.

Reynders’ acknowledgement in the letter of hacking activity was made in response to inquiries from European lawmakers, who earlier this year formed a committee to investigate the use of surveillance software in Europe.

Last week the committee announced that its investigation found 14 EU member states had purchased NSO technology in the past.

Reynders’ letter – which was shared with Reuters by in ‘t Veld, the committee’s rapporteur – said officials in Hungary, Poland and Spain had been or were in the process of being questioned about their use of Pegasus.

In ‘t Veld said it was imperative to find out who targeted the EU Commission, suggesting it would be especially scandalous if it were found that an EU member state was responsible.

The European Commission also raised the issue with Israeli authorities, asking them to take steps to “prevent the misuse of their products in the EU,” the letter said.

A spokesperson for the Israeli Ministry of Defense did not immediately respond to a request for comment.

Apple’s alerts, sent late last year, told targeted users that a hacking tool, dubbed ForcedEntry, may have been used against their devices to download spyware. Apple said in a lawsuit that ForcedEntry had been the work of NSO Group. Reuters also previously reported that another, smaller Israeli firm named QuaDream had developed a nearly identical tool.

In November, the administration of U.S. President Joe Biden gave NSO Group a designation that makes it harder for U.S. companies to do business with them, after determining that its phone-hacking technology had been used by foreign governments to “maliciously target” political dissidents around the world.

NSO, which has kept its client list confidential, has said that it sells its products only to “vetted and legitimate” government clients.

Register now for FREE unlimited access to Reuters.com

Register

Reporting by Raphael Satter and Christopher Bing in Washington; editing by Grant McCool

Our Standards: The Thomson Reuters Trust Principles.

Read original article here