Phones of at least Two Indian Journalists Infected by Pegasus Spyware: Amnesty International
NEW DELHI, Dec 28: The Amnesty International’s Security Lab is claimed to have found traces of Pegasus Spyware in mobile phones of The Wire new website’s founder editor Siddharth Varadarajan and another Indian journalist, Amnesty International revealed on Thursday.
The non-profit organisation said it was able to determine the presence of the spyware after testing their devices. The journalists had received an alert from Apple that they were being targeted by “state-sponsored hacking” following which they provided their phones to Amnesty for testing. NSO Group, the Pegasus spyware’s developer, only sells its technology to governments. India’s Intelligence Bureau imported hardware from NSO Group in 2017, trade data show.
The US-based media reports also said after the security alerts went out in October, government officials put pressure on Apple to offer ‘alternative’ explanations to the public on why these warnings were sent to Opposition leaders and journalists. Union Ministers and Apple had made a series of misleading and unsubstantiated statements when these alerts went out, such as that these messages had gone out in 150 countries, when no other countries’ citizens — or ruling party lawmakers — had reported receiving a warning that week.
The media report also said Praveen Chakravarty, the chairman of the All India Professionals’ Congress, was also likely targeted, based on an analysis of his phone by iVerify, a cybersecurity firm.
The Pegasus spyware, which the Union government has not categorically denied buying or using, allows attackers to extract all the contents of smartphones by leveraging software weaknesses that are known to a select few hackers, and sold for millions of dollars. These so-called ‘zero day exploits’ allow attackers to access all the data on even phones whose software has been fully updated, and access real-time camera and microphone data. Such technology, privacy activists argue, is an unconstitutional form of surveillance. Dozens of Opposition leaders, journalists and activists were targeted by Pegasus until 2021, according to the “Forbidden Stories” which reported on a leak of the spyware’s global targets.
“Targeting journalists solely for doing their work amounts to an unlawful attack on their privacy and violates their right to freedom of expression. All states, including India, have an obligation to protect human rights by protecting people from unlawful surveillance,” said Donncha Ó Cearbhaill, head of the Security Lab that uncovered the infections.
“The recovered samples are consistent with the NSO Group’s BLASTPASS exploit, publicly identified by Citizen Lab in September 2021 and patched by Apple in iOS 16.6.1 (CVE-2023-41064),” Amnesty said in a statement, referring to a vulnerability that Apple patched through a software update in September.
Both Mr Varadarajan and Anand Mangnale, South Asia Editor at the Organised Crime and Corruption Report Project (OCCRP), had spyware that logs show infected their phones this year. The OCCRP had reported last year that the Intelligence Bureau (IB) obtained Pegasus. Ten months later, Mr Mangnale’s phone was infected, Amnesty found.
Mr Varadarajan’s phone was found to be infected on October 16. Both men received alerts from Apple in October. The Union government said it was investigating these alerts, which were sent to numerous Opposition members of Parliament as well.
The Union government was reportedly looking for Pegasus alternatives after the NSO Group’s activities came under global scrutiny, but the spyware’s continued use after the furore has only emerged now. The Defence Intelligence Agency’s Signal Intelligence Directorate has purchased equipment from Cognyte, a company that has been sued in the United States on similar snooping grounds.