The use of Pegasus ‘snoopware’ was successful on 20 of the 121 users in India whose mobile phones were targeted by the remote surveillance software made by Israel-based cyber tech firm, NSO, the Facebook-owned messaging platform has told the government.
WhatsApp, in a response to a request for technical information, said that it was unable to conclusively determine what data, if any, was accessed on the devices of the targeted users. The intrusion was intended to mine stored information and data and communications on mobiles.
In its latest communication to the government on November 18, the messaging platform said the attack on users was of a high order of complexity and sophistication. “(Due to) WhatsApp limited visibility into certain aspects of the attack, WhatsApp investigations into the attack are ongoing,” the company said.
Most of Pegasus 1,400 victims across the world were activists
In information also shared with a parliamentary committee, the government noted that WhatsApp said, “121 users is where the attempts were made while 20 users is where the attempt seems to have been successful”. The users were warned on October 29 about the attacks.
In September, WhatsApp told the government it was reviewing information even as the full extent of the attack may never be known. It had hinted that data of 20 users might have been compromised but confirmed this definitively in its November 18 communication.
However, in a communication in May, WhatsApp had not seen the Pegasus software as a potent threat. WhatsApp had then told the government, “We believe that a select number of individuals were targeted — this is not a security incident that would have affected a large number of users”.
Also Read: Revealed: How much employees earn in companies like Google and Facebook
With reports saying activists with an anti-government bent and some journalists were targeted, WhatsApp has indicated that most of Pegasus intended victims globally (about 1,400) were also largely activists. The platform said it offered support to “members of civil society globally targeted by the attack”.
It did so in coordination with Canada-based which contacted users who had received a “special WhatsApp message”. In May, WhatsApp told India cybersecurity agency CERT-In that it had identified and promptly fixed a vulnerability that would help attackers execute code on mobiles.
The platform was also asked about a media report on May 15 that cheap software might enable users to overcome WhatsApp controls. The firm said action had been taken to remove “WhatsApp clones”.