India may have been behind the Israeli spyware attack against Pakistani defence and intelligence officials
ISLAMABAD - The mobile phones of at least two dozen Pakistani senior defence and intelligence officials were allegedly targeted with technology owned by the Israeli spyware company NSO Group, reveals a British newspaper report link .
The alleged breach of privacy was discovered during an analysis of 1,400 people whose phones were the focus of hacking attempts in a two-week period earlier this year, the report says quoting sources familiar with the matter who wished not to be named.
The malware’s users exploited a vulnerability in WhatsApp software to access messages and data on the targets’ phones.
The discovery of the breach in May prompted WhatsApp, which is owned by Facebook, to file a lawsuit against Israeli Spyware company NSO in October in which it accused the company of “unauthorised access and abuse” of its services.
“The alleged targeting of Pakistani officials gives a first insight into how NSO’s signature “Pegasus” spyware could have been used for “state-on-state” espionage,” read the report.
“This kind of spyware is marketed as designed for criminal investigations. But the open secret is that it also winds up being used for political surveillance and government-on-government spying,” John Scott-Railton, a senior researcher at the Citizen Lab, an academic research group located at the University of Toronto that has worked with WhatsApp to help identify victims of the alleged hacks, told the newspaper.
“While it is not clear who wanted to target Pakistani government officials, the details are likely to fuel speculation that India could have been using NSO technology for domestic and international surveillance,” said the report.
“The government of the Indian prime minister, Narendra Modi, is facing questions from human rights activists about whether it has bought NSO technology after it emerged that 121 WhatsApp users in India were allegedly targeted earlier this year.”
India was first linked to NSO in 2018, when a report by the Citizen Lab identified 36 Pegasus “operators” who were found to be using the malware in 45 countries. One operator, which the Citizen Lab identified and codenamed “Ganges”, was found to have been active since 2017 and had infected mobile phones in five locations: India, Bangladesh, Brazil, Hong Kong and Pakistan.
The Citizen Lab did not identify who it believed was behind “Ganges” but the data in its report indicated that most of the networks with infections were in India.