In India, the numbers of phones belonging to hundreds of journalists, activists, opposition politicians, government officials and business executives were found on a database of targets for hacking that used the Israeli spyware 'Pegasus,' which is exclusively available to governments, media outlets reported on July 18.
The Pegasus snoop list has 40 Indian journalists at Hindustan Times, The Hindu, The Wire, Indian Express, News18, India Today, Pioneer, besides freelancers, columnists, and regional media. Three major opposition figures, one constitutional authority, two serving ministers in the Narendra Modi government, current and former heads and officials of security organisations, and scores of businesspeople are also among those in the database.
What is Pegasus?
The spyware believed to be around at least since 2016 was developed by the Tel Aviv, Israel based cyber intelligence and security firm NSO Group. Pegasus, the most advanced among all such snoop ware available in the market, is also known by other names like Q Suite and Trident.
The spyware was created to hack computers and smartphones in order to collect data and deliver it to a third party. It is malicious since it collects data without the person's permission.
NSO Group, on the other hand, stated that their goal was to "create best-in-class technologies to assist government agencies in detecting and preventing terrorism and crime."
Reportedly, NSO Group has “60 government customers in 40 countries” with offices in Bulgaria and Cyprus and is “majority-owned by Novalpina Capital, a London-based private equity firm.”
In 2016, an Arab activist got a strange message on his iPhone, which confirmed the existence of Pegasus malware. Following that, Apple launched a software update to close the loophole exploited by Pegasus in order to hack phones. Similar flaws were discovered in Android phones a year later.
Also Read: 40 Indian Journalists Phone Numbers Found On Leaked List Of Surveillance Targets
How does it work?
Pegasus, the most advanced" hacking tool, is so undetectable that a phone user would not even realise their device has been hacked.
Hackers that use Pegasus exploit software loopholes and security bugs to instal malware on targets' phones - mostly iPhones and Android smartphones.
The first version of Pegasus detected in 2016 used a technique known as "spear phishing" to get access to phones. The spyware user would send a text message or an email to the target device using this method, then it would download on the device once the receiver clicked a link in the email or message, and begin transmitting information to the attacker.
Pegasus in 2021 is a considerably more advanced version of Pegasus in 2016, and it can now carry out a so-called "zero-click" attack, which means it can enter a phone with almost no action from the target.
The malware is so undetectable that it may be deployed simply by a missed call. It even deletes the call log record once penetrated, leaving no trace on the device.
Apart from data theft, Pegasus may erase all information from the host device, including caller logs, calendar events, and so on, ensuring that the target person's data is stolen without their knowledge.
Also Read: Leaked Pegasus List Reveals Govt Officials, Opposition Leaders & Activists Part Of Snooping In India
Can the spyware read Whatsapp messages?
Despite, Whatsapp’s end-to-end encryption the hacker can read your chats. End-to-end encryption means that after the message is typed out and sent and before it is read on the receiver’s phone, it is scrambled in a way that anybody who intercepts the data would not be able to read it.
But, such encryption is useful against “man-in-the-middle” attacks, not “against ‘endpoint’ attacks, which target either end of the communication”.
Because the Pegasus spyware has access to the tech on the target's device that decrypts the encryption and makes it accessible for the target, it can read the WhatsApp message.
Controversies surrounding Pegasus spyware
- July 2021- Recently, the Pegasus may have been used to spy on about 300 Indians, including two serving Cabinet ministers at the Centre, three opposition leaders, a Constitutional authority, government officials, scientists, and about 40 journalists.
Reportedly, forensic tests have confirmed that some of them were successfully snooped on by an unnamed agency.
- In 2019, Facebook sued NSO for creating Pegasus, a malware that infected the smartphones of a number of prominent figures. WhatsApp, which is owned by Facebook, revealed that Pegasus malware was used to spy on Indian journalists and human rights activists.
The company also alleged that the Indian government was involved in spying as Indian ministers, opposition leaders, and journalists' phone numbers were found on a database of hacking targets using Pegasus.
- Mexican drug cartels use Pegasus to target and intimidate Mexican journalists.
- Pegasus software, which is sold to other countries under a licence from the Israeli government, was used by Saudi Arabia to spy on a Saudi dissident's phone and follow his communications with journalist Jamal Khashoggi, who was assassinated in 2018.