The notorious Pegasus spyware is still being used to target journalists and activists in India. Indian government’s run-in with Pegasus happened in 2021 when it was alleged that the government was targeting journalists and opposition members.
The latest victims include Siddharth Varadarajan, Founding Editor of The Wire, and Anand Mangnale, South Asia Editor at The Organised Crime and Corruption Report Project (OCCRP), who were previously targeted with the same spyware.
In collaboration with The Washington Post, Amnesty International exposed the spyware details.
Amnesty International’s Security Lab’s investigations confirmed that the latest Pegasus spyware attack on Indian journalists occurred in October 2023.
“Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation,” said Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab.
During routine technical monitoring, Amnesty International’s Security Lab detected renewed Pegasus spyware threats in June 2023, coinciding with reports that the Indian government sought to acquire a new commercial spyware system.
Apple’s global threat notifications in October 2023 revealed that more than 20 journalists and opposition politicians in India were targeted, prompting the current investigation.
When the cybersecurity researchers analysed, Anand Mangnale’s device revealed a zero-click exploit sent over iMessage on August 23, 2023, designed to install Pegasus spyware covertly. The exploit targeted iOS 16.6, the latest version then, and was convenient with NSO Group’s BLASTPASS exploit, identified by Citizen Lab in September 2023.
Notably, Mangnale’s phone was vulnerable to the zero-click exploit during this investigation into alleged stock manipulation by a multinational conglomerate in India.
Siddharth Varadarajan, previously targeted in 2018, faced another Pegasus attack in October 2018 faced another attack on October 16, 2023, using the same attacker-controlled email address as Mangnale’s case.
While the researchers found no indications of compromise in Varadrajan’s case, the shared details confirm the same Pegasus customer targeted both journalists.
Amnesty International urges countries to ban the use and export of highly invasive spyware. It demands the immediate release of the Supreme Court Technical Committee Report on Pegasus use in India.
Many countries, including India, Mexico, and Bahrain, among others have used Pegasus. A few months ago, there were reports that the Indian government was forcing telecom operators to install special hardware in subsea landing stations to conduct mass surveillance on people.
There were also reports that after the PR nightmare of Pegasus, the governments were looking for other potential spyware. The chief among them was Predator, a spyware developed by Cytrox.
In the News: Apple’s proprietary hardware exploited for spying
