Pegasus may have snooped through other apps: Report

Israeli spyware Pegasus may have taken control of smartphones through apps other than WhatsApp, according to a report by The Economic Times.

Also read — Did you know? WhatsApp GIFs can hack your phone

Recently, WhatsApp confirmed that spy operators used the Pegasus tool to snoop on at least two dozen academics, lawyers, Dalit activists and journalists in India. Senior government officials in multiple US-allied countries were also targeted, according to a report by Reuters. After the revelation, the government asked WhatsApp to explain the breach of privacy of Indian citizens.

According to the report, Google’s Project Zero team disclosed the zero-day vulnerability in its Android operating system that achieves "full compromise" of a device in September 2019. The bug impacted phones across manufacturers such as Xiaomi, Samsung and Oppo along with Google’s own Pixel. Later, Google's Threat Analysis Group attributed it to the NSO Group.

It is believed that the NSO Group used reverse engineering methods to detect loopholes in WhatsApp's encryption security feature, which the Facebook-owned company app developers weren't even aware (hence called zero-day vulnerability) until May 2019.

More shocking details have emerged that NSO Group may have found similar vulnerabilities in other apps including Gmail, iMessage, Facebook, Telegram and Viber in both the Apple and Android operating systems to track the target users.

As of now, Google has been able to fix the issue in the Gmail and it has even sent a patch to partner mobile partners to make Android OS safe from espionage.

However, Viber and Telegram haven't come forth to disclose any information about resolving the security glitch in their respective apps.

Also read — Pegasus: Over dozen activists, journos confirm

In Apple devices, NSO’s use of malware was first discovered in 2016. Apple released the software patch to fix the security loophole in the iOS software in September 2016, after it found that hackers could have gained access to its devices by making a victim click on a link. Even then, Pegasus spyware was one of the suspects.

Analysts say that a large surveillance economy is growing in India and globally with increasing demand for facial recognition software to spyware. The demand for spyware is not only from governments but also for corporate espionage, Apar Gupta, executive director of the Internet Freedom Foundation told the newspaper.

“It is progressively getting worse for India with a complete absence of surveillance reform or data protection laws. The commercial spyware industry is growing because there is a lack of human rights standards governing the sector,” he added.