Pegasus Spying
The message that Rathod received from WhatsApp. Credit: The Wire.

In September 2018, Citizen Lab published a comprehensive study that identified 45 countries, including India, where malicious software operators called Pegasus are carrying out operations. Citizen Lab was one of the first research organizations to investigate where Pegasus spyware might be used. This week, an Israeli surveillance firm called NSO Group was in the spotlight after WhatsApp filed a lawsuit against the company alleging that it exploited a vulnerability in its video calling capabilities to target and snoop on 1,400 users, including activists and journalists.

A wide-ranging investigation of 17 media outlets found that NSO Groups’ software was used in hacking attacks of human rights activists and journalists on 37 smartphones, the Washington Post reported. WhatsApp brought the matter to light in 2019 when it sued the Israeli spyware maker NSO Group – over its Pegasus-aware spyware that spied on journalists, activists, lawyers and high-ranking government officials in more than 20 countries around the world including India. WhatsApp also disclosed that it had contacted several Indian users believed to have been the target of illegal snooping using the software.

What do we know about the people targeted?

They listed 50,000 phone numbers of people believed to be in the interests of clients of the Israeli surveillance company, some of whom were leaked to major news agencies. According to media reports, human rights activists, journalists and lawyers around the world have been targeted by Israeli spy Pegasus with malicious software that has been sold to authoritarian governments. The 37 smartphones belonging to human rights activists and journalists on the leaked list were among the numbers discovered by the Paris journalist organisation Hidden Stories and the Amnesty International human rights group, according to the Washington Post.

BBC graphic

It was not immediately clear where the list of about 50,000 phone numbers came from people believed to be of interest to the company’s customers and the NSA as a group leaking to the major news agencies, or how many phones had been hacked. The company said the “50,000” figure was an “exaggerated list” and not a list of all the figures targeted by the government for use by Pegasus. His lawyers said the company had no reason to believe that the consortium’s list was not the list but part of a larger list of numbers used by the companies clients for other purposes.

NSO Group does not disclose its clients, but has stated that it sells its technology to Israeli-approved governments to help them target terrorists and break up pedophile, sex and drug trafficking networks. In response to further questions, his lawyers said that the consortium relied on a misleading interpretation of leaked data that was accessible only through open basic information such as the HLR search service and had no impact on the Pegasus list and they saw no correlation between the list and related applications of NSO Group technology.

Israel-based cyber warfare provider NSO Group produces and sells mobile phone spying software called Pegasus. By monitoring government targets, the software convinces the target to click a specially designed exploit link and the click delivers a chain of zero-day exploits that penetrate the security features of the target and install the software without the user’s knowledge or permission. Once the target exploits and installs the software, it contacts the Operator Command and Control (C & C) server to receive and execute operator commands and sends the target’s private data including passwords, contacts lists, calendars, events, SMS, live calls and popular mobile messaging apps.

What Is Pegasus Spyware ?

Pegasus Spyware can be installed on mobile phones and other devices that support versions of the Apple mobile operating systems, iOS and Android. Pegasus was developed by the Israeli cyber weapons company NSO Group, which says it provides authorized government technology to fight terrorism and crime [1] [2] and has published parts of contracts requiring customers to use their products in criminal and national security investigations, and declares that it takes an “industry-leading approach to human rights”.

In May 2019, the Financial Times reported that Pegasus was used to exploit WhatsApp to spy on potential targets. Other Pegasus developers and customers discovered the software in August 2016 after a failed attempt to install it on a human rights activist’s iPhone, revealing details about the software, its capabilities and the vulnerabilities it exploited.

Information Technology Minister Ashwini Vaishnaw dismissed reports of Pegasus-scale hacking software to spy on journalists, activists and opposition leaders on Monday. He said that illegal surveillance in India with existing control mechanisms is not possible. The statement came after the non-profit in Paris Forbidden Stories and Amnesty International shared the list with 17 news organizations as part of the Pegasus project. The list accessed a leaked list of more than 50,000 phone numbers focused on countries known to have monitored their citizens.

Congress is calling for an investigation into the Pegasus spyware issue July 19, 2021, 4.52pm IST Congressional leader Shashi Tharoor called for an independent judicial and parliamentary committee to investigate the matter, although the government denied any involvement in the alleged telephone surveillance with the Pegasus spyware. In a detail published by The Guardian, one of the project’s media partners, pegasus was used against Indian journalists and activists, which Israel denies. 38 Indian journalists were deliberately monitored with the spyware. MPs on the House of Representatives Joint Committee on Israeli spying software Pegasus 21 Nov, 2019, 9: 02 AM IST The committee met on Wednesday to discuss issues such as violations against Indians and cyber attacks on a nuclear power plant in Kudankulam.

This report forms the basis for the publication of Pegasus Project, a joint investigation of over 80 journalists from 17 media organisations in 10 countries, coordinated by Forbidden Stories and with technical support from the Amnesty International Security Lab. In this article, we developed a new Internet scanning technique to identify 45 countries where NSO Group operators operated Pegasus spyware. The security lab conducted in-depth forensic analyses of numerous mobile devices by human rights defenders and journalists around the world.