The Union government has asked messaging service WhatsApp to explain the reported act of snooping into the accounts of journalists and activists using Israeli spyware. The Ministry of Information Technology has asked WhatsApp to reply by 4 November. The central government sought an explanation after WhatsApp confirmed that Spyware Pegasus was active in India and was also spying on some select users here.
The Ministry of Information Technology has asked for a detailed reply from the company by 4 November. On Thursday, Facebook-owned WhatsApp said that Israeli spyware Pegasus was spying on Indian journalists and human rights activists.
BJP spokesman Amit Malviya has questioned the timing of the report. The BJP spokesman asked if WhatsApp contacted the targeted people first, why they did not come forward. WhatsApp sent messages to those who had been spied upon. Malviya said that WhatsApp should disclose the names of people who were targeted by the spyware.
In a newspaper this morning, it was reported that the WhatsApp accounts of 100 odd Indian users were compromised but the messaging medium had promptly made the users aware of the security breach. WhatsApp CEO told The Indian Express that Indian journalists and human rights activists were the targets of this espionage. “Indian journalists and human rights activists have been the target of surveillance and while I cannot reveal their identities and the exact number, I can say that it is not an insignificant number.”
According to WhatsApp chief Will Cathcart, “At least 100 human rights defenders, journalists and other members of civil society across the world” have been the victims of this malicious attack.
However, the company has not revealed the names of the users. Pegasus, created by the NSO Group for governments, cannot be used by just about anybody.
The big question is, who used it to spy on Indian journalists and human right activists? Or who gave the green signal for its use?
This spyware named Pegasus has been in India for a long time and people have been spied upon from time to time. Israel’s NSO Group designed it. WhatsApp yesterday sued the Israeli agency NSO Group in the US Federal Court. WhatsApp has alleged that the NSO Group has targeted and spied 1,400 WhatsApp users through its spyware named Pegasus.
How WhatsApp security is breached using Pegasus
No one can breach your WhatsApp content unless you (inadvertently) allow anybody to. Spyware Pegasus could not installed itself on the smartphone of the target without his/her knowledge. The spy — who cannot be an ordinary citizen as Israel does not sell Pegasus to all and sundry — needs security permissions of the phone. So, what he does is persuade you to click on an ‘exploit link’ built for espionage. The spy could call you for the purpose or use somebody you trust to make the call. Only a missed video call on Whatsapp does the trick and opens up the phone.
When you install Pegasus on your phone unwittingly, the malware connects with the operator’s control servers and commands, which further give the malware orders that are promptly executed. Now, the operator has easy access to your sensitive information, including passwords, contacts, text messages, and even voice calls from mobile messaging platforms.
The spy has access to your phone’s camera and microphone as well. He can capture any event or happenings going on in the surroundings of the phone. You are no more required to even click on the exploit link.