Several lawyers and activists have confirmed their phones were hacked after WhatsApp confirmed Indian users were targets of surveillance by operators using Israeli company NSO Group’s spyware Pegasus.
The Indian Express first reported the development, after which many of the people affected realised they had been targeted.
The Facebook-owned messaging platform said it had contacted affected users this week, however, it has not publicly identified the number or name of people targeted.
List of people targeted
Nihalsingh Rathod, lawyer
Nihalsingh Rathod, a human rights lawyer representing several accused in the Bhima-Koregaon case, confirmed to HuffPost India he was one of the targets.
Rathod told HuffPost India he learnt he was a target when he was contacted by a researcher from the University of Toronto’s Citizen Lab on October 7 2019.
Soon after his call with Citizen Lab, Rathod received a generic message from WhatsApp’s business account saying his phone may have been impacted by a malware, asking him to upgrade to the latest version of WhatsApp and keep his phone’s operating system up to date.
Rupali Jadhav, an anti-caste activist from Pune who is associated with the Kabir Kala Manch, shared screenshots with The Wire of messages she had received from both WhatsApp and Citizen Lab.
“I am the official administrator of the WhatsApp and Facebook pages of Kabir Kala Manch, Bhima Koregaon Shaurya Din Prerana Abhiyan, Elgaar Parishad, and the political party Vanchit Bahujan Aghadi. These spaces have been actively involved in confronting the state and have been asking uneasy questions. This is more to do with the organizations than me particularly,” Jadhav told The Wire.
Shubhranshu Choudhary, journalist and activist
Shubhranshu Choudhary, a journalist and peace activist who has been involved in rehabilitating displaced tribal communities in Chhattisgarh, told HuffPost India, “I didn’t know that anything was happening before Citizen Lab contacted me and said that this is a serious thing.”
Choudhary added that he received the same message from a researcher at University of Toronto’s Citizen Lab that the other targets have received. Choudhary said he was asked if he had been getting missed phone calls and other information that he checked his records and corroborated.
On why he thinks he was targeted,Choudhary pointed to the specific nature of his work, which involves running a Gondi language platform called ‘Voicebook’ and locally referred to as ‘Bultu radio’ since it works on Bluetooth as well, which specifically caters to tribal communities in the Chattisgarh area.
Over the last two to three years, on the community’s insistence, Choudhary and his organisation have been demanding the rehabilitation of displaced forest dwellers. The “new peace process,” Choudhary elaborated, has included a “pad yatra last year, on Gandhi’s birthday” followed by a “cycle ratra of 300 displaced people demanding rehabilitation since it has been 15 years since they were displaced to Andhra [Pradesh] and Telangana. They don’t want to go back home because of Maoists.”
In addition to updating his WhatsApp app on Citizen Lab’s instructions, Choudhary said he has also been taking training “on how to improve not only my phone’s security but my usage of the internet as well.”
Bela Bhatia, activist
Chhattisgarh-based human rights activists Bela Bhati said told NewsLaundry, “I was informed (by Citizen Lab) that the Indian government was responsible for this. I was not surprised since state surveillance of human rights activists is not new. By using more sophisticated Israeli spyware, the government has functioned with impunity. It has, once again, infringed on our right to privacy, upheld as a fundamental right by the Supreme Court in August 2017, and revealed that it needs to be vary of activists who are fighting on the ground for constitutional rights through constitutional means.”
Anand Teltumbde, writer and academic
Writer and academic Anand Teltumbde, who is also an accused in Bhima Koregaon case, told NewsLaundry he received a call from Citizen Lab 10 days ago. “Using spyware to snoop on people is pernicious. Individuals have become very vulnerable. This is a breach of the privacy of people in the highest possible degree. They (the government) are spying on everything an individual does. This doesn’t happen even in the worst dictatorships.”
Degree Prasad Chouhan, lawyer and activist
Dalit rights activist and lawyer Degree Prasad Chouhan, who is based in Chhattisgarh’s Raigarh district, told The Wire he was not surprised his phone had been compromised. Chouhan’s work focuses on forceful displacement and indigenous communities’ land rights.
Ashish Gupta, activist
Ashish Gupta, an activist in Delhi, also said received a call from Citizen Lab and told in Scroll he was forcibly thrown out of several WhatsApp groups in July, including those he was an administrator of. “I dismissed it then as a technical issue but now I’m wondering if this was connected to the surveillance,” he told Scroll.
Saroj Giri, Delhi University
Saroj Giri, an assistant professor in the Political Science department of Delhi University, said she got a message from Citizen Lab earlier this month.
“They said that Pegasus virus had been installed on my phone. I ignored it. But the next day they called me on WhatsApp. Since then, they have been in regular touch with me,” she told Scroll.
Shalini Gera, lawyer and activist
Shalini Gera, a human rights lawyer with Jagdalpur Legal Aid Group, told NewsLaundry, “I was informed that the software used to target my phone cost millions of dollars and only an institution such as a government could afford it.”
Sidhant Sibal, journalist
Sidhant Sibal, a TV journalist with WION news channel, said he was targeted. Sibal is the channel’s diplomatic and defence correspondent.
Rajeev Sharma, journalist
Rajeev Sharma, an independent journalist, told Scroll Citizen Lab had informed him his phone was under surveillance from March to May this year. He was advised to change his phone handset.
How the spyware works
Pegasus is NSO Group’s flagship spyware tool, and it can infiltrate both iPhones and Android phones.
According to Citizen Lab, once Pegasus is installed, it begins contacting the operator’s command and control (C&C) servers to send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps. The operator can even turn on the phone’s camera and microphone to capture activity in the phone’s vicinity, and use the GPS function to track a target’s location and movements.
That means every account you have is compromised; everyone you know is now known to your attacker, and every call, text message, or chat, can be read.
Your phone can be used to watch what’s going on, and listen in on your conversations, as they’re taking place, without your knowing about it.
WhatsApp has confirmed that the Pegasus software exploited a vulnerability in its voice calling software. The vulnerability, WhatsApp has said, has since been fixed.
NSO, meanwhile, had denied the allegations. “In the strongest possible terms, we dispute today’s allegations and will vigorously fight them,” it said in a statement. “The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime.”
However, NSO Group maintains the Pegasus software is only sold to government agencies around the world.
The govt’s response
A senior official told PTI the IT ministry had asked WhatsApp for a detailed response to the allegations and on the number of Indian users affected.
IT Minister Ravi Shankar Prasad released a statement saying, “Govt is committed to protecting privacy of all Indian citizens. Govt agencies have a well established protocol for interception, which includes sanction and supervision from highly ranked officials in central & state governments, for clear stated reasons in national interest.”