WhatsApp claims NSO Group has helped the Indian government spy on over a dozen users in the past
The targeted surveillance took place during the 2019 General Elections (April 11 - May 23)
The government has asked WhatsApp to explain the data breach in its response today
WhatsApp, which is being criticised by all corners for the Pegasus spyware and alleged data breach, has revealed a piece of shocking information. The instant messaging app claimed that the Indian government has previously used the Isreali spyware to spy on a dozen users, including academics, lawyers, activists and journalists.
According to various media reports, the targeted surveillance took place during the 2019 General Elections, which ran from April 11 to May 23 this year. The ruling Bharatiya Janata Party emerged as the single largest party in the elections and Prime Minister Narendra Modi was voted back into power.
Citizen Lab, a cybersecurity research lab at the University of Toronto, in collaboration with WhatsApp, investigated the matter and reported that human rights defenders, activists, and journalists were generally targetted by the Pegasus spyware on WhatsApp. However, neither Citizen Lab nor WhatsApp identified the targets by name, a Reuters report stated.
A recent list announced by Newslaundry revealed some of the names and information that hint at the Indian government’s involvement with the NSO Group and the Pegasus spyware.
The names include journalist Nihalsingh Rathod, activists Degree Prasad Chouhan, Sidhant Sibal, Saroj Giri, Vivek Sundara, Ashish Gupta, Rupali Jadhav and Bela Bhatia; lawyer Shalini Gera; academics Anand Teltumbde and Saroj Giri; tv and radio producer: Shubhranshu Choudhary.
A Cost Only The Government Can Afford
Gera, who is a human rights lawyer, said in a report that Citizen Lab contacted her about two weeks ago, and said that her name was on the list of numbers that were snooped on using Whatsapp. She added, “I was informed that the software used to target my phone, cost millions of dollars and only an institution such as government could afford it!”
After the spyware Pegasus made headlines, WhatsApp has confirmed that the Israeli surveillance company, NSO Group, was behind this massive breach and has filed a lawsuit in US federal court on October 29, 2019.
For those unaware, Pegasus is spyware developed by NSO Group and Q Cyber Technologies, which includes products like Q Suite — one of the most sophisticated spyware available in the market which can infiltrate both iOS and Android devices.
How Does Pegasus Spyware Work On WhatsApp?
Once installed, it begins contacting the operator’s command and control (C&C) servers to receive and execute instructions and send back the target’s private data, including passwords, contact details, calendar events, text messages and live voice calls from popular mobile messaging apps including WhatsApp.
The unauthorised user can even access the phone’s camera and microphone to capture activity and track a target’s location and movements using the GPS function.
NSO Group, however, has denied the allegations.
WhatsApp Versions Affected By Pegasus
- WhatsApp for Android prior to v2.19.134
- WhatsApp Business for Android prior to v2.19.44
- WhatsApp for iOS prior to v2.19.51
- WhatsApp Business for iOS prior to v2.19.51
- WhatsApp for Windows Phone prior to v2.18.348
- WhatsApp for Tizen prior to v2.18.15
Government, WhatsApp Blame Each Other
Earlier today, the Indian government has asked WhatsApp to explain the breach by November 4, 2019, and also share its plans for preventing such occurrences in the future.
While sharing the government’s stance on the breach, IT minister Ravi Shankar Prasad said in a tweet that the BJP-led government is concerned about the breach.
“We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens,” the minister added.