Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp

Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp

SUMMARY

CERT-In says it published an advisory about the malware attack on May 17

WhatsApp claims to have informed the government three days later without mentioning ‘Pegasus’

CERT-In has been accused of obfuscating facts by deleting vulnerability reports that WhatsApp has submitted in May

In a new twist to the Pegasus and the NSO Group’s WhatsApp spyware saga, India’s Computer Emergency Response Team (CERT-In) revealed on Wednesday (November 6) that it had published an advisory on the malware attack on the app’s users, three days before the Facebook-owned platform first alerted the Indian government.

According to a report, the country’s nodal cybersecurity agency, CERT-In said that it had picked up the threat by using internal tools deployed to check vulnerabilities and published its first advisory to Indian users on May 17.

At that time, the agency had rated the severity as ‘high’ and stated that the vulnerability could be exploited via ‘WhatsApp voice call,’ the report added.

However, the alert by WhatsApp, which was delivered to the agency later in May, did not have any mention of ‘Pegasus,’ a malware developed by Israeli surveillance firm NSO Group to attack the users. The advisory, which warned users against WhatsApp’s vulnerabilities, was removed for a few days after the Pegasus spyware made the headlines. However, the removal did not go well with the members of civil society and privacy enthusiasts, who accused the agency of trying to hide facts.

Earlier yesterday, the CERT-In website came back online after a brief outage.

WhatsApp Vs Indian Government: Pegasus Spyware

In response to reports about the Pegasus spyware, the government picked up on the ‘vague response’ by WhatsApp. The government had claimed that WhatsApp did not mention at all those who are targeted may still be under attack.

WhatsApp then said it had also written to the government In September, stating that there was a spyware ‘attempt’ on 121 Indians and that around 20 Indian users of the messaging app may have had their devices hacked.

Since the Pegasus spyware breach came to light, the ministry of electronics and IT (MeitY) and WhatsApp have been playing a blame game and waging a war of words with the government accusing the company of not disclosing the seriousness of the malware attack and vice versa.

The Indian government claims WhatsApp never revealed anything about Pegasus spyware or the relevance of the attack, which targeted 121 Indians, including journalists, activists and academia, among others.

WhatsApp retorted by saying it informed the Indian government twice, in May and September 2019, regarding the spyware. But, now after CERT-In’s latest advisory stating that it had published the vulnerability three days prior to WhatsApp, looks like the government may have the upper hand in this debate.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp-Inc42 Media
Now, CERT-In Claims It Alerted Govt Of Pegasus Spyware Before WhatsApp-Inc42 Media
You’re in Good company