More than a dozen senior Indonesian government and military officials were targeted last year with spy software designed by an Israeli security company, according to nine people with knowledge of the case.
Six of the individuals told Reuters news agency that they had been targeted themselves.
According to the population, the targets included Chief Economic Minister Airlangga Hartarto, senior military personnel, two regional diplomats and advisers to the Indonesian ministries of Defense and Foreign Affairs.
Six of the targeted Indonesian officials and advisers told Reuters they received an email from Apple Inc in November 2021 stating that Apple believed officials were “targeted by state-sponsored attackers”.
Apple has not disclosed the identity or number of targeted users. The company declined to comment on this story.
Apple and security researchers have said the recipients of the alerts were targeted by ForcedEntry, an advanced piece of software used by Israel’s cybersurveillance provider NSO Group to help foreign spy agencies take control of iPhones remotely and invisibly. Another Israeli cyber company, QuaDream, has developed an almost identical hacking tool, Reuters reports.
Reuters was unable to determine who created or used the spyware to attack Indonesian officials, whether the attempts were successful and, if so, what the hackers would have obtained as a result.
The attempt to attack Indonesian officials, which has not been previously reported, is one of the largest cases to date of the software being used against government, military and Ministry of Defense personnel, according to cybersecurity experts.
Spokespersons for the Indonesian government, the Indonesian military, the Indonesian Defense Ministry and the Indonesian Cyber and Crypto Agency (BSSN) did not respond to requests for comment and emailed questions.
A spokesman for the State Department said he was not aware of the matter and referred Reuters to BSSN.
Airlangga Hartarto, a top ally of Indonesian President Joko Widodo, did not respond to questions Reuters sent him, nor did his representatives.
The use of ForcedEntry, which exploits a flaw in iPhones through a new hacking technique that requires no user interaction, was made public in September 2021 by cybersecurity watchdog Citizen Lab. Google security researchers described it as the “most technically advanced” hacking attack they’d ever seen, in a company blog post published in December.
Apple patched the vulnerability last September and started sending notifications in November to what it called a “small number of users it discovered to be targeted”.
In response to questions from Reuters, an NSO spokesperson denied that the company’s software was involved in attacking Indonesian officials, dismissing it as “contractually and technologically impossible,” without specifying why. The company, which does not disclose the identities of its customers, says it only sells its products to “veiled and legitimate” government agencies.
QuaDream did not respond to requests for comment.
In addition to the six officials and advisers who told Reuters they were targeted, a director of an Indonesian state-owned company that supplies weapons to the Indonesian military received the same message from Apple, according to two knowledgeable people. The people asked not to be identified due to the sensitivity of the case. The company president did not respond to requests for comment.
Within weeks of Apple’s notification last November, the U.S. government added NSO to the Department of Commerce’s “entity list,” making it more difficult for U.S. companies to do business with it after finding that the technology for hacking into the company’s phones had been used by foreign governments to “maliciously attack” political dissidents around the world.