At least 30 Indian WhatsApp users were targeted through the Israeli spyware Pegasus, according to Nihalsing Rathod, head of Human Rights Law Network, who said he was informed about this by Canada-based Citizen Lab when they contacted him about his own phone being hit by the malware.
Citizen Lab of the University of Toronto was investigating the spyware attack that hit WhatsApp users earlier this year. The investigation by WhatsApp along with Canada-based Citizen Lab revealed that the attack targeted at least 100 human rights activists, journalists and other members of civil society across the world.
"Citizen Lab called me on October 7 and October 14 to inform that malware was installed on my phone through the Pegasus attack. They told me Pegasus is mostly used by government agencies but did not specify who was behind the attack," Rathod told CNBC TV 18.
"Citizen Lab also informed me that 30 to 40 people in India were hit by the same malware," he added.
Overall, 1,400 WhatsApp users across the world were targeted in May this year and WhatsApp has now filed a suit against Israeli company NSO Group.
WhatsApp says Indian users were among those hit by the Pegasus attack and that the company reached out to them this week.
A source at WhatsApp said that in India, the users impacted were a combination of regular users and members of civil society such as journalists and activists, but did not give a figure.
WhatsApp said in a statement that the company "sent a special WhatsApp message to approximately 1,400 users that we have reason to believe were impacted by this attack to directly inform them about what happened."
"Indian users were among those contacted by us this week," WhatsApp said in a statement to CNBC-TV18.
Rathod says he had been contacted by several other activists and lawyers since the news came out after WhatsApp moved a legal suit against NSO in the United States on October 29.
"Several activists and lawyers from Gadhchiroli, Chattisgarh and even a student at a social sciences institute have reached out," Rathod said.
In a blog, Citizen Lab of University of Toronto said, "As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses."
NSO Group, which also goes by the name Q Cyber Technologies, is an Israeli-based company which develops and sells spyware technology. Novalpina is a European Private Equity firm and has acquired a majority of NSO group.
According to Citizen Lab, NSO Group claims it sells its spyware strictly to government clients only. The Pegasus spyware of the NSO Group can silently infiltrate both iOS and Android devices through a video call, even if the call is not answered.
"Once Pegasus is installed, it begins contacting the operator’s command and control (C&C) servers to receive and execute operators’ commands, and send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls from popular mobile messaging apps. The operator can even turn on the phone’s camera and microphone to capture activity in the phone’s vicinity, and use the GPS function to track a target’s location and movements," Citizen Lab said in its blog.
WhatsApp has not shared details on which agencies used the spyware to target users.