In India, the numbers of phones belonging to hundreds of journalists, activists, opposition politicians, government officials and business executives were on the snooping list, as were numbers in several other countries in the region, including Azerbaijan, Kazakhstan and Pakistan, the Washington Post reported.
When Siddharth Varadarajan, co-founder of the Wire, an independent online outlet in India, learned that Security Lab's analysis showed that his phone had been targeted and penetrated by Pegasus, his mind immediately ran through his sensitive sources. He thought about a minister in Prime Minister Narendra Modi's government who had displayed an unusual concern about surveillance when they met.
The minister first moved the meeting from one location to another at the last moment, then switched off his phone and told Varadarajan to do the same. Then "the two phones were put in a room and music was put on in that room... and I thought: 'Boy, this guy is really paranoid. But maybe he was being sensible'," Varadarajan said in a recent interview, the report said.
Pegasus behind the hack
Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.
Wahington Post said the numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and Prime Ministers also appeared on the list.
The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.
The greatest number was in Mexico, where more than 15,000 numbers, including those belonging to politicians, union representatives, journalists and other government critics, were on the list.
A large share of numbers were in the Middle East, including in Qatar, the UAE, Bahrain and Yemen. The UAE, Saudi Arabia and Bahrain are reported to be among NSO clients, the report said.
More than 1,000 French numbers were on the list. In Hungary, numbers associated with at least two media magnates were among hundreds on the list, and the phones of two working journalists were targeted and infected, forensic analysis showed.
How does Pegasus work?
Pegasus is engineered to evade defences on iPhones and Android devices and to leave few traces of its attack. Familiar privacy measures like strong passwords and encryption offer little help against Pegasus, which can attack phones without any warning to users. It can read anything on a device that a user can, while also stealing photos, recordings, location records, communications, passwords, call logs and social media posts. Spyware also can activate cameras and microphones for real-time surveillance.
The attack can begin in different ways. It can come from a malicious link in an SMS text message or an iMessage. In some cases, a user must click on the link to start the infection. In recent years, spyware companies have developed what they call "zero-click" attacks, which deliver spyware simply by sending a message to a user's phone that produces no notification. Users do not even need to touch their phones for infections to begin.
Mexico was NSO's first overseas client in 2011, less than a year after the firm was founded in Israel's Silicon Valley, in northern Tel Aviv. In 2016 and 2017, more than 15,000 Mexicans appeared on the list examined by the media consortium, among them at least 25 reporters working for the country's major media outlets, according to the records and interviews.
One of them was Carmen Aristegui, one of the most prominent investigative journalists in the country and a regular contributor to CNN. Aristegui, who is routinely threatened for exposing the corruption of Mexican politicians and cartels, was previously revealed as a Pegasus Story continues below advertisement target in several media reports. At the time, she said in a recent interview, her producer was also targeted. The new records and forensics show that Pegasus links were detected on the phone of her personal assistant.
Today's thriving international spyware industry dates back decades but got a boost after the unprecedented 2013 disclosure of highly classified National Security Agency documents by contractor Edward Snowden. They revealed that the NSA could obtain the electronic communications of almost anyone because it had secret access to the transnational cables carrying Internet traffic worldwide and data from Internet companies such as Google and giant telecommunications companies such as AT&T.
(With inputs from IANS)