The European Union found evidence that smartphones used by its staff were compromised by an Israeli company’s spy software, says a report citing a letter by the bloc’s top justice official.
In a July 25 letter to EU lawmaker Sophie in ‘t Veld, EU Justice Commissioner Didier Reynders said iPhone maker Apple told him in 2021 that his iPhone had probably been hacked using Pegasus, spyware developed and sold to governments worldwide by Israeli surveillance firm NSO Group, according to a report by Reuters.
The letter states that Apple’s warning prompted an inspection of the official’s personal and professional devices, as well as other phones used by European Commission employees.
Although the investigation did not find conclusive evidence that Reynders or EU staff’s phones had been hacked, researchers did find “indicators of compromise,” a term used by security researchers to describe evidence that hacking had occurred.
The letter does not divulge further details and Reynders said it was “impossible to attribute these indicators to a specific perpetrator with full certainty.”
An NSO spokesman, according to the report, said the company would cooperate with the EU investigation.
“Our assistance is even more crucial, as there is no concrete proof so far that a breach occurred,” the spokeswoman said in a statement to Reuters. “Any illegal use by a customer targeting activists, journalists, etc., is considered a serious misuse.”
The group has been sued by Apple for violating its user terms and service agreement.
According to the letter, officials in Hungary, Poland, and Spain have been or are being questioned about their use of Pegasus.
Reynders said it was important to find out who targeted the EU Commission, and it would be scandalous if it was found that an EU member state was responsible.
The letter further states that the European Commission has raised the issue with the Israeli regime authorities and asked them to take measures to prevent the abuse of their products in the European Union.
Reuters first reported in April that the European Union was investigating whether phones used by Reynders and other top European officials were hacked using software designed in Israel.
Reynders and the European Commission declined to comment on the report at the time.
Reynders’ admission in the letter of hacking activity was made in response to questions from European lawmakers.
Earlier this year, lawmakers formed a committee to look into the use of surveillance software in Europe.
Last week, the committee announced that its research showed that 14 EU member states had purchased NSO technology in the past.
Pegasus has been used by governments to hack the phones of political leaders, human rights activists, and journalists worldwide.
The Israeli NSO Group maintains notoriety for trying to have its spy apparatuses maintain an edge over their international counterparts.
The regime makes extensive use of Pegasus and other locally made spyware for espionage.
According to experts, Tel Aviv has treated NSO as a de-facto arm of the regime, granting licenses for selling Pegasus spyware to numerous countries, to forge stronger security and diplomatic ties.
In January, New York Times reported that the FBI had purchased Pegasus software in 2019.
It also stated that in 2018 the CIA purchased Pegasus for the government of Djibouti to conduct counterterrorism operations, despite the country’s record of torturing political opposition figures and imprisoning journalists.