At least 24 journalists, lawyers and activists in the country were targeted for surveillance in the weeks before May 2019, WhatsApp confirmed to the Indian Express newspaper today (Oct. 31, 2019). The culprit? Pegasus—a technology developed by the Israeli cyber-security firm NSO.
How does Pegasus work?
Pegasus sends people “exploit links” that tempt people to click on it. Once a user clicks on the link, the malware can penetrate a phone’s security features, and Pegasus gets installed on the device without the owner’s knowledge or permission. Once in the mobile system, Pegasus can extract the user’s private data, including passwords, contact lists, text messages, and even voice calls.
In this instance, a missed voice call on WhatsApp may have sufficed to open up the phone and infiltrate it. “In May 2019 we stopped a highly-sophisticated cyber-attack that exploited our video calling system in order to send malware to the mobile devices of a number of WhatsApp users,” the Facebook-owned company said in a statement.
The Indian Express report comes a day after WhatsApp waged a legal war in the US, alleging that NSO hacked over 1,400 devices. However, the firm has denied the accusations.
PM Modi’s “open transparent government
This isn’t India’s first brush with Pegasus. In September 2018, Canada-based digital watchdog Citizen Lab found infections associated with 33 of the 36 Pegasus operators it identified in 45 countries, including India.
Pegasus has been around for at least three years now. The mobile espionage software was meant for use by governments that could purchase it on a per-licence basis. However, time and again, it has been suspected to be involved in illicit practices. Touted as “the most sophisticated attack” by cybersecurity company Lookout, this silent jailbreak is among the hardest to catch.
While the jury is still out, Twitter is abuzz with speculation. If NSO claims to only sell to vetted government agencies, and Indians were spied upon, who commissioned it? That’s a question on everyone’s minds.
Member of Parliament Kapil Sibal, who belongs to opposition Indian National Congress, sarcastically called out Prime Minister Narendra Modi’s “open transparent government.”
“Same Israeli based NSO Group’s Pegasus software was used by Saudi Arabia to spy on murdered journalist Jamal Khashoggi,” noted Delhi-based journalist Arvind Gunasekar tweeted.
