New Delhi: The government has asked for WhatsApp’s response on a snowballing spyware scandal by November 4 after the Facebook-owned messaging service confirmed that it contacted several Indian users this week to inform them that they had been targeted by Israeli spyware earlier this year in a hacking spree that included journalists, activists, lawyers and senior government officials.
Indian journalists and activists are believed to have been targets of surveillance for a two-week period until May, when national elections were held. The users were informed before WhatsApp’s parent company Facebook sued Israeli cybersecurity company NSO on Tuesday, alleging that it used WhatsApp servers to spread malware to 1,400 users across 20 countries. Pegasus, a spyware developed by NSO, was used to break into the phones.
Nihal Singh Rathod, a human rights lawyer representing several accused in the Bhima-Koregaon case, is among the targets. Others include activist Bela Bhatia, lawyer-activist Degree Prasad Chauhan, rights activist Anand Teltumbde and journalist Sidhant Sibal.
“The person who called me explained how I had been targeted and the person clearly told me we can clearly and categorically say your own government has done this,” Bela Bhatia, an activist who works in Chhattisgarh, told NDTV.
The government has denied any role. NSO, denying any wrongdoing, stated that the spyware Pegasus is licensed only to “vetted and legitimate government agencies”.
The spyware gave the attackers access to users’ messages, calls and passwords as it took over the phone’s operating system. It could also turn the mobile into a microphone that could listen to conversations in a room.
WhatsApp has declined to give the exact number of those targeted but claims each affected user was informed. “We quickly added new protections to our systems and issued an update to WhatsApp to help keep people safe. We are now taking additional action, based on what we have learned to date,” WhatsApp says in a statement.
WhatsApp has sought more than $75,000 in damages from NSO. It is believed that the spyware was used to snoop on Indian activists and journalists for nearly two weeks in April.
The spyware “Pegasus” gets into the user’s phone when the person gets a video call. As the phone rings, the attacker transmits a malicious code and the spyware is installed even if the user does not answer the call at all. By taking over the phone’s systems, the attacker gets access to the user’s WhatsApp messages and calls, regular voice calls, passwords, contact lists, calendar events, phone’s microphone and camera.
Pegasus was designed, in part, to intercept communications sent to and from a device, including communications over iMessage, Skype, Telegram, WeChat, Facebook Messenger, WhatsApp, and others.
The Congress targeted the government and urged the Supreme Court to serve notice to it. “Modi Government caught snooping! Appalling but not Surprising! After all, BJP Government fought against our right to privacy, set up a multi crore Surveillance Structure until stopped by Supreme Court. SC must take immediate cognisance and issue notice to BJP government,” tweeted Congress spokesperson Randeep Surjewala.
