Nagpur-based lawyer Nihalsing, who represents Surendra Gadling, was one of those targeted and has shared with TNM the conversation with the researcher who told him of the attack.

The Indian activists lawyers snooped on through WhatsApp by Israeli spyware Pegasus(L to R: Nihalsing Rathod, Bela Bhatia and Anand Teltumbade)
news Controversy Thursday, October 31, 2019 - 16:48

Activists and lawyers who represented those arrested in the Bhima Koregaon case were among those who were targets of ‘state-of-the-art-surveillance’ by operators who were using an Israeli spyware called Pegasus, multiple reports said on Thursday. 

WhatsApp has filed a lawsuit against NSO Group, an Israeli technology firm, for allegedly sending malware that exploited its platform in order to conduct this surveillance. 

HuffPost and Newslaundry tracked down some people in India who were targeted, including: Nagpur-based lawyer Nihalsing Rathod (who is representing activist Surendra Gadling in the Bhima-Koregaon case), Maharashtra-based activist Anand Teltumbde, activist Degree Prasad Chouhan, Pune-based activist Rupali Jadhav. 

NSO Group, which has been accused by WhatsApp of allegedly sending malware that exploited its platform, has denied any wrongdoing and has maintained Pegasus has been sold only to ‘vetted and legitimate’ government agencies.

The activists who were ‘snooped’ upon

Nagpur-based lawyer Nihalsing stated that he received a message from a researcher at the University of Toronto’s Citizen Lab who told him that he could have been targeted by malware and his phone could have been compromised. 

After his conversation with the researcher, he received a generic message from the official account of WhatsApp on the messaging application, stating that the company had detected a cyber attack and that there was a possibility that Rathod’s phone was impacted.

Nihalsing shared with TNM the screenshots of his conversation with the researcher. Rathod is representing Surendra Gadling, a human rights activist and Dalit lawyer who has been in jail in connection with the Bhima Koregaon case. 

Screenshot that Nihalsing shared with TNM

Civil rights activist Anand Teltumbade also confirmed to TNM that he received a similar message from WhatsApp. In 2018, Teltumbade's residence in Goa was raided by police in connection with the Bhima-Koregaon case as well and the alleged 'Maoist plot' to 'assassinate' Prime Minister Narendra Modi. 

Bela Bhatia, a human rights activist based out of Bastar, Chhattisgarh, told Newslaundry that Citizen Lab contacted her in September. The activist, who has taken on the Indian security forces against the illegal imprisonment of Adivasis, has been branded a 'Naxal sympathiser.' 

"I was informed that the Indian government was responsible for this [by Citizen Lab]. I was not surprised since state surveillance of human rights activists is not new. By using a more sophisticated Israeli spyware, the government has functioned with impunity. It has, once again, infringed on our right to privacy upheld as a fundamental right by the Supreme Court in August 2017 and also revealed that it needs to be wary of activists who are fighting on the ground for constitutional rights through constitutional means," she told the website. 

Degree Prasad Chouhan, a Dalit rights activist and lawyer too was informed about the snooping by Citizen Lab. However, he was alerted only as recent as October 28. "I have received some suspicious emails in the past. But snooping using Israeli spyware was new for me. I am an activist working for the rights of poor and Adivasis in Central India. It’s said that the government is spying on us using foreign technologies. I am not an enemy of this nation." he told Newslaundry.

Also read: WhatsApp confirms Indian journalists, activists were snooped on using Israeli spyware

The lawsuit by WhatsApp

On Tuesday, WhatsApp filed a lawsuit against NSO Group, an Israeli tech company, in an American federal court for using its platform for conducting surveillance. However, NSO Group has denied any wrongdoing. In a statement, the company, based out of Tel Aviv, has said that it provides 'authorized governments with technology that helps them combat terror and crime'. It has claimed that the spyware, Pegasus, has been sold only to ‘vetted and legitimate’ government agencies, and the same goes for India. 

In May this year, WhatsApp said that it had “stopped a highly sophisticated cyber attack” that exploited its video calling feature. By simply calling the targeted phone, the attackers injected commercial spyware into the device, it said. 

Following the attack, Citizen Lab, a multidisciplinary research group at the University of Toronto, offered to help WhatsApp identify cases where the ‘suspected targets of this attack were members of civil society, such as human rights defenders and journalists.’ 

With WhatsApp attributing the May attack to the NSO Group on Tuesday, Citizen Lab identified over scores of cases of ‘abusive targeting’ of human rights activists and journalists in at least 20 countries from Africa, Asia, Europe, the Middle East, and North America. While WhatsApp pushed out an update at the time on app stores adding new protective features, the attack has constituted a breach of its Terms of Service.

Also read: Explained: WhatsApp sues Israeli firm for allegedly using spyware to target journos, activists

How Pegasus hacked into WhatsApp:

WhatsApp has alleged that Pegasus could send a link to a victim’s phone and can get installed on the phone even without the victim taking any action, like clicking on it or opening the message. In this case of May 2019, users received a missed video call on WhatsApp. The moment the phone rang, without users needing to answer that call, the malware was allegedly installed on the victim’s phone.

Once it gets into a particular phone, Pegasus can access passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps. It can even turn on the microphone and the camera and use the GPS function on the phone to track a target’s location and movements.

This spyware was also allegedly used to track down the location of Washington Post journalist Jamal Khashoggi, who was murdered at the Saudi Consulate in Istanbul last year.

(With inputs from Manasa Rao)

Help us provide quality journalism. Become a TNM member today! Click here.