WhatsApp snooping scandal

Last updated

On October 30, 2019, WhatsApp's parent company Facebook, Inc. confirmed that Pegasus, a sophisticated snooping software developed by Israel's NSO Group, was used to target Indian journalists, activists, lawyers and senior government officials. The journalists and activists are believed to have been targets of surveillance for a two-week period until May, when the Indian national election was held. [1] [2]

Contents

The snooping scandal came out after WhatsApp filed a case in California's Northern District federal court against the NSO group, alleging the NSO group had developed the software used to infect 1,400 target devices with malware. [3]

The IT Ministry of India sought a detailed response from WhatsApp on the issue. [4] They responded that they had alerted the government on two occasions—once in May and for the second time in September 2019. [5] [6] [7] In response to Indian Government's order, WhatsApp informed the Computer Emergency Response Team of India in May and September that Pegasus spyware affected Indian WhatsApp users. [8]

Indian National Congress party alleged that the Narendra Modi-led government has been caught snooping on journalists, activists, lawyers and senior government officials. [9] They later alleged that their leaders, including general secretary Priyanka Gandhi, are also being targeted by this. They also claimed WhatsApp sent messages to different people whose phones were hacked. One such message was also received from the WhatsApp of Priyanka Gandhi a few months ago. [10]

Former Chief Financial officer of Infosys Mr. T.V. Mohandas Pai also demanded government to probe on the scandal and to come out with a report before the public. [11]

See also

Related Research Articles

<span class="mw-page-title-main">Citizen Lab</span> Digital research center at the University of Toronto

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness and security of the Internet and that pose threats to human rights. The organization uses a "mixed methods" approach which combines computer-generated interrogation, data mining, and analysis with intensive field research, qualitative social science, and legal and policy analysis methods. The organization has played a major role in providing technical support to journalists investigating the use of NSO Group's Pegasus spyware on journalists, politicians and human rights advocates.

<span class="mw-page-title-main">K. N. Govindacharya</span>

Kodipakam Neelameghacharya Govindacharya is a founder Bharat Vikas Sangam, Eternal Hindu Foundation and Rastriya Swabhiman Andolan, Formally Rashtriya Swayamsevak Sangh pracharak, environmental activist, social activist, political activist and thinker. He was associated with Bharatiya Janata Party but is now a staunch critic of that party as much as he is a critic of the Indian National Congress.

<span class="mw-page-title-main">Juliette Kayyem</span> American politician, author, and analyst

Juliette N. Kayyem is an American former government official and author. She is host of the Boston-based radio channel WGBH (FM)'s podcast The SCIF, and has also appeared on CNN and Boston Public Radio, and written columns for The Boston Globe.

<span class="mw-page-title-main">WhatsApp</span> Messaging and VoIP service owned by Meta

WhatsApp is an instant messaging (IM) and voice-over-IP (VoIP) service owned by technology conglomerate Meta. It allows users to send text, voice messages and video messages, make voice and video calls, and share images, documents, user locations, and other content. WhatsApp's client application runs on mobile devices, and can be accessed from computers. The service requires a cellular mobile telephone number to sign up. In January 2018, WhatsApp released a standalone business app called WhatsApp Business which can communicate with the standard WhatsApp client.

<span class="mw-page-title-main">Anand Teltumbde</span> Indian scholar (born 1950)

Anand Teltumbde is an Indian scholar, writer, and human rights activist who is a management professor at the Goa Institute of Management. He has written extensively about the caste system in India and has advocated for the rights of Dalits.

Onavo, Inc. was an Israeli mobile web analytics company that was purchased by Facebook, Inc., who changed the company's name to Facebook Israel. The company primarily performed its activities via consumer mobile apps, including the virtual private network (VPN) service Onavo Protect, which analysed web traffic sent through the VPN to provide statistics on the usage of other apps.

<span class="mw-page-title-main">NSO Group</span> Israeli cyber-espionage and malware firm

NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.

<span class="mw-page-title-main">Saud al-Qahtani</span> Saudi Arabian consultant and former royal court advisor

Saud bin Abdullah al-Qahtani is a Saudi Arabian consultant and former royal court advisor. Prior to his dismissal in late 2018, he worked as an advisor to King Abdullah of Saudi Arabia and crown prince Mohammed bin Salman.

DarkMatter Group is a computer security company founded in the United Arab Emirates (UAE) in 2014 or 2015. The company has described itself as a purely defensive company, however in 2016, it became a contractor for Project Raven, to help the UAE surveil other governments, militants, and human rights activists. It has employed former U.S. intelligence operatives and graduates of the Israel Defense Force technology units.

The Pegasus Project is an international investigative journalism initiative that revealed governments' espionage on journalists, opposition politicians, activists, business people and others using the private Pegasus spyware developed by the Israeli technology and cyber-arms company NSO Group. Pegasus is ostensibly marketed for surveillance of "serious crimes and terrorism". In 2020, a target list of 50,000 phone numbers leaked to Forbidden Stories, and an analysis revealed the list contained the numbers of leading opposition politicians, human rights activists, journalists, lawyers and other political dissidents.

Candiru is a private Tel Aviv-based company founded in 2014 which provides spyware and cyber-espionage services to government clients. Its management and investors overlap significantly with that of NSO Group. Its operations began being uncovered in 2019 by researchers at CitizenLab, Kaspersky, ESET. Microsoft refers to the company's cyber-espionage operations as "Caramel Tsunami/SOURGUM" while Kaspersky refers to it as "SandCat"

<span class="mw-page-title-main">Pegasus Project revelations in India</span> Revelations of the Pegasus Project investigation by journalists related to India and the aftermath

In India, the Pegasus Project investigations alleged that the Pegasus spyware was used on ministers, opposition leaders, political strategist and tacticians, journalists, activists, minority leaders, Supreme Court judges, religious leaders, administrators like Election Commissioners and heads of Central Bureau of Investigation (CBI). Some of these phones were later digitally & forensically analysed by Amnesty International's Security Lab on 10 Indian phones and the analysis showed signs of either an attempted or successful Pegasus hack. However, the Supreme Court of India stated that the technical committee had found 'malware' in 5 of the 29 phones, but not able to say conclusively that the malware found was Pegasus. The Chief Justice also mentioned that the government refused to cooperate in the investigation.

FORCEDENTRY, also capitalized as ForcedEntry, is a security exploit allegedly developed by NSO Group to deploy their Pegasus spyware. It enables the "zero-click" exploit that is prevalent in iOS 13 and below, but also compromises recent safeguards set by Apple's "BlastDoor" in iOS 14 and later. In September 2021, Apple released new versions of its operating systems for multiple device families containing a fix for the vulnerability.

In 2022, Indian news outlet The Wire alleged that the Bharatiya Janata Party (BJP) used an application, called Tek Fog, to manipulate social media. The story went viral in India, and drew reactions from opposition politicians.

Quadream was an Israeli surveillance technology company. It prominently sold iPhone hacking tools, and was founded in 2014 by a group including two former NSO Group employees, Guy Geva, and Nimrod Reznik. Its offices were in Ramat Gan. The company is suspected to have shut down in April 2023. It is owned by a parent company in Cyprus.

CatalanGate is a 2022 political scandal involving accusations of espionage using the NSO Group's Pegasus spyware, against figures of the Catalan independence movement. Targets of the supposed espionage included elected officials, activists, lawyers, and computer scientists; in some cases, families of the main targets were also purportedly targeted.

Rupesh Kumar Singh is a journalist from Jharkhand who is known for his reporting on Human rights violation and persecution of tribal people. In 2021 during the Pegasus Project revelations in India his phone number were found in the list of potential targets for state surveillance by Pegasus (spyware). Rupesh claimed that the Union government of India had been targeting him for his reporting on violence by the security forces against the tribal people. He along with four other journalists targeted by the spyware moved the Supreme Court of India, seeking a mechanism for judicial oversight and punishments for the officials involved.

Tamer Almisshal is a Palestinian journalist who works at Al Jazeera, and is the host of The Hidden is More Immense.

<span class="mw-page-title-main">Cytrox</span> Spyware company

Cytrox is a company established in 2017 that makes malware used for cyberattacks and covert surveillance. Its Predator spyware was used to target Egyptian politician Ayman Nour in 2021 and to spy on 92 phones belonging to businessmen, journalists, politicians, government ministers and their associates in Greece. In 2023, the U.S. Department of Commerce added the Cytrox companies Cytrox AD in North Macedonia, and Cytrox Holdings Crt in Hungary to its Entity List and on March 5, 2024, the U.S. Department of Treasury imposed sanctions upon Cytrox AD of North Macedonia and the Intellexa Consortium, which is the parent firm of Cytrox AD, "for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide."

References

  1. "Indian Govt. A Likely Culprit in WhatsApp Snooping Scandal, Pegasus Documents Show". HuffPost India. 1 November 2019.
  2. "Several Indian Users Hit By Israeli Spyware, Says WhatsApp: 10 Points". 1 November 2019.
  3. "Govt asks WhatsApp to explain breach amid phone snoop row - Times of India". The Times of India. November 2019.
  4. "Indian Activists, Journalists Hit By Israeli Spyware, Govt Seeks Response From WhatsApp". Outlook (India). 31 October 2019.
  5. "WhatsApp snooping: FB India chief appears before parliamentary panel". Business Standard . 15 December 2019.
  6. "WhatsApp told govt about Pegasus spyware 2nd time in September, said 121 people spied on: Reports". India Today. 3 November 2019.
  7. "Facebook India Head Appears Before Parliamentary Panel On WhatsApp Snooping Issue". BloombergQuint . 13 December 2019.
  8. "WhatsApp snooping row: All you need to know". The Economic Times . 5 November 2019.
  9. "WhatsApp told govt about Pegasus spyware 2nd time in September, said 121 people spied on: Reports". India Today. 3 November 2019.
  10. "WhatsApp snooping row: Congress alleges Priyanka Gandhi's phone was also hacked". India Today. 3 November 2019.
  11. "Govt needs to draw up norms to have control over Google, Facebook, Twitter: Pai". Mint . 4 November 2019.

Further reading