July 27 (Reuters) – The European Union has found evidence that smartphones used by some of its employees were stolen by an Israeli company’s spyware, the bloc’s top justice official said in a letter seen by Reuters.
European Union Justice Commissioner Didier Reynders said in a July 25 letter to MEP Sophie in ‘t Veld that iPhone maker Apple told him in 2021 that its iPhone was manufactured by Israeli surveillance and sold to government customers through Pegasus. is broken. firm NSO Group.
The letter says Apple’s alert led to checks on Reynders’ personal and professional devices, as well as other phones used by European Commission employees.
Sign up now for FREE unlimited access to Reuters.com
While the investigation did not find conclusive evidence that Reynders’ or EU employees’ phones were hacked, investigators found “indicators of compromise” – a term used by security researchers to describe the existence of evidence that a hack had taken place.
Reynders’ letter did not provide further details, saying that “it is not possible to link these indicators with absolute certainty to a specific criminal.” He added that the investigation is still active.
Messages left with Reynders, the European Commission and Reynders spokesman David Marechal were not immediately returned.
An NSO spokesman said the firm would willingly cooperate with the EU investigation.
“Our assistance is all the more important because there is no concrete evidence yet that a breach has taken place,” the spokesman told Reuters. “Activists, journalists, etc. by the client. any illegal use targeting is considered serious abuse”.
NSO Group is being sued by Apple Inc ( AAPL.O ) for violating its user terms and services agreement.
QUESTIONS OF THE QUESTIONS
Reuters first reported in April that the European Union was investigating whether phones used by Reynders and other senior European officials were hacked using software developed in Israel. Reynders and the European Commission declined to comment on the report at the time.
Reynders’ admission of hacking in his letter was made in response to inquiries from European lawmakers, who earlier this year set up a committee to investigate the use of surveillance software in Europe.
Last week, the committee announced that its investigation found that 14 EU member states had purchased NSO technology in the past.
Reynders’ letter, shared with Reuters by committee rapporteur ‘t Veld, said officials in Hungary, Poland and Spain had been questioned or questioned about their use of Pegasus.
In ‘t Veld said it was important to find out who targeted the EU Commission and it would be particularly scandalous if an EU member state was found to be responsible.
The letter states that the European Commission raised this issue with Israeli officials and asked them to take steps “to prevent abuse of its products in the EU.”
A spokesman for the Israeli Defense Ministry did not immediately respond to a request for comment.
Apple warnings sent out late last year told targeted users that a hacking tool called ForcedEntry could be used to download spyware against their devices. Apple said in court that ForcedEntry was the work of NSO Group. Reuters previously reported that another small Israeli firm called QuaDream was developing a nearly identical tool.
In November, US President Joe Biden’s administration gave NSO Group a designation that made it harder for US companies to do business with them, after it determined that its phone-hacking technology was being used by foreign governments to “maliciously target” political dissidents in the region. the world.
NSO, which keeps its customer list confidential, said it only sells its products to “vetted and legitimate” government customers.
Sign up now for FREE unlimited access to Reuters.com
Reporting by Raphael Satter and Christopher Bing in Washington; Edited by Grant McCool
Our standards: Thomson Reuters Trust Principles.
