Israeli spyware snooped on Indian users on WhatsApp

WhatsApp has confirmed that Indian journalists and human rights activists have been targets of surveillance by operators using Israeli spyware Pegasus.

Representative image. (AFP photo)

WhatsApp has confirmed that Indian journalists and human rights activists have been targets of surveillance by operators using Israeli spyware Pegasus, according to a report by The Indian Express. 

The Facebook-owned messaging platform did not reveal the identities or “exact number” of those targeted for surveillance in India, but stated that they have contacted each one of them.
“Indian journalists and human rights activists have been the target of surveillance and while I cannot reveal their identities and the exact number, I can say that it is not an insignificant number,” a WhatsApp spokesperson said.

According to the report, at least two dozen academics, lawyers, Dalit activists and journalists in India were contacted and alerted by WhatsApp that their phones had been under state-of-the-art surveillance for a two-week period until May 2019.

WhatsApp on Tuesday filed a complaint in US court that attributes the attack to a spyware company called NSO Group and its parent company Q Cyber Technologies. The complaint alleges they violated both U.S. and California laws as well as the WhatsApp Terms of Service, which prohibits this type of abuse.

What we know about NSO Group

Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli seaside hi-tech hub of Herzliya, near Tel Aviv. It says it employs 600 people in Israel and around the world.

It produces Pegasus, a highly invasive tool that can reportedly switch on a target's cell phone camera and microphone and access data on it, effectively turning the phone into a pocket spy.

NSO Group's annual report filed in February of 2019 listed Israel-based Q Cyber as the only active director and its majority shareholder, according to a lawsuit filed by WhatsApp.

Here's how the Pegasus tool works

The spyware operator sends a message on WhatsApp with a harmless looking URL link and if the receiver unwittingly clicks it. The Pegasus tool, which comes with a sophisticated feature can bypass the phone's security and get uploaded into the phone without the owner's knowledge. What's more alarming is that it can even infect the target phone with just a missed video call.

Once inside, it can access all sensitive information including SMS, photos, locations, passwords, audio calls on third-party apps and more, and relay it to the spy operator via C&C (Command and Control) method. The tool can even independently switch on the camera and the microphone and start recording to help spy operators track the target in real-time.

WhatsApp detected the security breach in May 2019 and fixed the loophole in the same month.

What has been NSO Group's response

The NSO Group has denied any such activity. “In the strongest possible terms, we dispute today’s allegations and will vigorously fight them. Our technology is not designed or licensed for use against human rights activists and journalists, it said in a statement.

After doubts about this technology were first raised in May, the NSO Group said it put in place a ‘Human Rights Policy’ on September 19 which “further embeds human rights protections throughout our business and governance systems”.

The NSO Group has claimed that Pegasus has been sold only to government agencies. “We license our product only to vetted and legitimate government agencies,” it said.

DH Newsletter Privacy Policy Get top news in your inbox daily
GET IT
Comments (+)