July 27 (Reuters) – In a letter seen by Reuters, the European Union’s senior justice official said he has found evidence that smartphones used by some of the European Union’s staff were intercepted by an Israeli company’s spyware.
In a letter sent on July 25 to European lawmaker Sophie in ‘t Veld, EU Justice Commissioner Didier Reynders said iPhone maker Apple told him in 2021 that its iPhone would likely be Pegasus, a tool developed by Israeli oversight and sold to government customers. He said he said he was attacked using NSO Group companies.
The letter said the warning from Apple triggered an investigation of Reynders’ personal and professional devices, as well as other phones used by European Commission employees.
Register now for FREE unlimited access to Reuters.com
While the investigation found no conclusive evidence that Reynders’ or EU personnel’s phones had been hacked, investigators did discover “indications of reconciliation,” a term used by security researchers to explain that there is evidence of an attack taking place.
Reynders’ letter did not provide further details and said “it is impossible to conclusively attribute these indicators to any particular perpetrator.” He added that the investigation is continuing.
Messages left to Reynders, the European Commission and Reynders spokesperson David Marechal were not immediately returned.
An NSO spokesperson said the firm would willingly cooperate in an EU investigation.
“Our assistance is even more important as there is no concrete evidence that a violation has occurred so far,” the spokesperson told Reuters. “Any illegal use by a client targeting activists, journalists, etc. is considered serious abuse.”
NSO Group is being sued by Apple Inc (AAPL.O) for violating user terms and service agreement.
QUESTIONS OF LAW MAKERS
Reuters first reported in April that the European Union was investigating whether phones used by Reynders and other top European officials had been hacked using software designed in Israel. Reynders and the European Commission declined to comment on the report at the time.
Reynders’ endorsement of the hacking activity letter was in response to questions from European lawmakers, who earlier this year formed a committee to investigate the use of surveillance software in Europe.
Last week, the committee announced that its investigation found that 14 EU member states had purchased NSO technology in the past.
Reynders’ letter, shared with Reuters by the committee’s rapporteur in ‘t Veld, said authorities in Hungary, Poland and Spain have been or are being questioned in the process about their use of Pegasus.
In ‘t Veld said it was imperative to find out who was targeting the EU Commission, suggesting that it would be particularly scandalous if an EU member state was found to be responsible.
In the letter, it was stated that the European Commission also raised the issue with Israeli authorities and asked them to take steps to “prevent their products from being misused in the EU”.
An Israeli Defense Ministry spokesman did not immediately respond to a request for comment.
Apple’s alerts, sent out late last year, told targeted users that a hacking tool called ForcedEntry may have been used against their devices to download spyware. Apple said in a lawsuit that ForcedEntry was the business of the NSO Group. Reuters also previously reported that a smaller Israeli firm called QuaDream is developing an almost identical tool.
In November, US President Joe Biden’s administration gave the NSO Group a name that made it harder for US companies to do business with them after it determined that phone hacking technology was being used by foreign governments to “maliciously target” political opponents around it. World.
NSO, which keeps its client list confidential, said it only sells its products to “reviewed and legitimate” government customers.
Register now for FREE unlimited access to Reuters.com
reporting by Raphael Satter and Christopher Bing in Washington; Editing by Grant McCool
Our standards: Thomson Reuters Trust Principles.
