A report published by an Indian online news portal on Sunday, 18 July, revealed that Israel-made spyware Pegasus was believed to have been used to snoop on at least 300 Indian phone numbers that includes over 40 senior journalists, opposition leaders, government officials, and rights activists.
The report published by The Wire, said that the 'leaked data includes the numbers of top journalists at big media houses like the Hindustan Times, including executive editor Shishir Gupta, India Today, Network18, The Hindu and Indian Express'.
Pegasus, a product of Israeli cyberweapons company NSO Group, was earlier in the news in late 2019 when it was found that spies used the spyware to hack into phones of roughly 1,400 users around the world, including 121 Indians.
The investigation was conducted by The Guardian and 16 other media outlets. The Guardian report specifically uses the term “authoritarian governments” as being behind the snooping.
Meanwhile, the Indian government has issued its first response to the breaking news, saying “No unauthorized interception by government agencies”.
Pegasus is the hacking software – or spyware – that is developed, marketed and licensed to governments around the world by the Israeli company NSO Group. It has the capability to infect billions of phones running either iOS or Android operating systems.
The earliest version of Pegasus discovered which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
In 2019 WhatsApp revealed that NSO’s software had been used to send malware to more than 1,400 phones by exploiting a zero-day vulnerability. Simply by placing a WhatsApp call to a target device, malicious Pegasus code could be installed on the phone, even if the target never answered the call. More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks.
The parent company of the spyware NSO has denied that the leaked list was linked in any way to the functioning of its software. In response to the Pegasus Project, NSO has said that people in the list were not targeted by the governments using Pegasus but were maybe a part of a larger list of numbers that other customers of theirs used for different purposes.
A majority of the journalists featured in the list were based out of the national capital, the report said. However, it also added that the list of journalists from the leaked list could not be considered exhaustive.
Two years back, WhatsApp had informed several Dalit rights lawyers and activists of the spyware attack that had targeted them in May 2019, the activists had told the media portal, The Quint.
Among the 121 Indian citizens who were victims of surveillance are Bhima Koregaon lawyer Nihal Singh Rathod, Elgar Parishad accused Anand Teltumbde, Bastar-based human rights lawyer Bela Bhatia, jailed activist Sudha Bharadwaj's lawyer Shalini Gera, Gadchiroli-based lawyer Jagdish Meshram among others.