WhatsApp has revealed that Israeli spyware Pegasus was used to snoop on Indian journalists and human rights activists in a disclosure that followed a lawsuit in a US federal court in San Francisco on Tuesday. Facebook-owned WhatsApp alleged that over 1,400 WhatsApp users were targets of surveillance by Pegasus.
While WhatsApp declined to mention the number of people compromised, or even their identities, a WhatsApp spokesperson told The Indian Express that the company was aware of the issue and had contacted each one of them. The spokesperson did state the number of people targeted were “not an insignificant number.”
The report by Indian Express claims at least two dozen academics, lawyers, Dalit activists and journalists across India were alerted by WhatsApp that their phones have been under surveillance for a two-week period till May 2019. The time period coincides with the 2019 General Elections in India.
The NSO group which built the Pegasus spyware strongly denied WhatsApp’s allegations. In a statement to the Indian Express, the NSO said, “In the strongest possible terms, we dispute today’s allegations and will vigorously fight them. Our technology is not designed or licensed for use against human rights activists and journalists.”
Doubts about NSO’s technology were first raised back in May when Amnesty International filed an lawsuit in an Israeli court alleging the Pegasus spyware created by the NSO Group has been used to keep tabs on its staff and other human rights activists.
The NSO Group claimed that it licenses the software only to vetted and legitimate government agencies.
The Pegasus spyware doesn’t intercept WhatsApp messages from one end or the other. Instead, it convinces the target to either click on a ‘exploit link’ after which, the pegasus spyware is installed without the user’s knowledge. The spyware then begins contacting the command and control servers to receive and execute commands. The software can send back voice calls, text messages, calendar events, contact lists, passwords and even turn on the phone’s camera and microphone. In later versions, Pegasus did not even have to send a clickable link. It could infect the phone through a missed video call on WhatsApp.
As a result, while WhatsApp’s messages continued to remain encrypted end-to-end, the spyware was able to capture the data simply by monitoring what’s being typed on screen.