Privatization of digital espionage

Apple has released an emergency software update to fix a security flaw in its iPhones and other products that researchers found was being exploited by the Israeli-based NSO Group to infect the devices with its Pegasus spyware. Over 1.65 billion Apple products in use around the globe were vulnerable to the spyware since at least March. Apple said vulnerable devices could be hacked by receiving a malicious PDF file that users don’t even have to click, known as a “zero-click” exploit. The flaw was discovered by the University of Toronto’s Citizen Lab, which found the hack in the iPhone records of a Saudi political activist. Earlier this year, a massive data leak revealed Pegasus software had targeted the phones of thousands of journalists, activists and political figures around the world for foreign governments and NSO Group clients.

We and others, our partners at Amnesty International, other research groups, have been tracking, broadly speaking, the commercial spyware market for many years now. And NSO Group first came on our radar, you will recall, back in 2016, when we discovered it was being used by the United Arab Emirates to target a human rights defender named Ahmed Mansoor. Ever since then, we and others have documented extensive abuses of this company’s technology.

So, not surprisingly, when

— source | Sep 15, 2021

Nullius in verba

An explainer on the Pegasus Spyware

The recent Pegasus Project revelations of about half a lakh people across the world, including several in India, being targeted for cyber surveillance have firmly brought the spotlight on the Pegasus spyware, which is widely understood to be the most sophisticated smartphone attack tool. The revelations also mark the first time that a malicious remote jailbreak exploit had been detected within an iPhone.

Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple’s iOS & Google’s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to “vetted governments” for “lawful interception”, which is understood to mean combating terrorism and organised crime, as the firm claims, but suspicions exist that it is availed for other purposes.

NSO Group’s majority ownership vests in its co-founders Omri Lavie and Shalev Hulio, and the European private equity fund Novalpina Capital. An American private equity firm,

— source | Prashant Pandey | 21 Jul 2021


Digital Evidence in the Shadow of Pegasus

In the recent Arjun Khotkar ruling, the apex court laid down the law relating to section 65B of the Evidence Act, 1872. However, after the Pegasus controversy, coupled with other episodes that reveal how easy it is to invade the electronic devices of any individual, more elaborate directions are needed.

Pegasus, the spyware developed by the Israeli cyber arms firm NSO Group, can easily infect electronic devices such as laptops and mobile phones. It can then read messages, track the location, access the device microphone and camera, etc., of an unsuspecting user. It can avoid detection by antivirus and get deactivated remotely.

Considering how sophisticated Pegasus is, the only probable way to deal with this virus is to get rid of the phone. The gravity of the matter is such that after a hacking episode, WhatsApp admitted the data of its users was compromised and filed a suit in

— source | Abhay Nevagi | 03 Aug 2021


A Look at How Pegasus Brings the Best of Technology to Achieve the Worst

The NSO Group’s Pegasus spyware adds new layers and unique capabilities to a highly sophisticated and booming surveillance software industry to overcome modern challenges posed by encryption, masking and frequent SIM card replacement.

In this regard, the Pegasus marketing brochure, made public as part of WhatsApp’s filings in a US court case against the Israeli company, provides an insight into the spyware’s tech stack, architecture, and features.

Though this marketing brochure is likely outdated, and thus does not represent the leaps that have likely been taken over the last few years, it still provides an important glimpse into the different layers of data collection, transmission, presentation and analysis built into the spyware.

Dissecting Pegasus: Understanding different layers of the spyware

— source | Devesh Kumar | 02/Aug/2021


Phone Numbers of 14 World Leaders on Pegasus List

The Washington Post on Tuesday revealed that three presidents, 10 prime ministers, and a king are among the more than 50,000 individuals whose phone numbers appeared on a leaked list of potential targets of Pegasus, the military-grade spyware licensed by Israeli firm NSO Group, prompting human rights defenders to call for a global crackdown on the surveillance industry’s invasive technologies.

According to the Post, the phone numbers of hundreds of public officials, including 14 heads of state and government, appeared on the list. It was not possible to confirm if the world leaders’ smartphones had been infected with Pegasus, however, because none agreed to a forensic analysis of their iPhones or Android devices.

The newspaper reported that the list included three sitting presidents (France’s Emmanuel Macron, Iraq’s Barham Salih, and South Africa’s Cyril Ramaphosa) and three current prime ministers (Egypt’s Mostafa Madbouly, Morocco’s Saad-Eddine El Othmani, and Pakistan’s Imran Khan). Also on the list were seven former prime ministers, whose numbers were added while they were still in office, according to time stamps.

— source | Jul 20, 2021



Hours After Midnight Coup, CBI Chief Alok Verma Entered Surveillance Zone

Hours after Prime Minister Narendra Modi acted to oust Alok Verma from his post as head of the Central Bureau of Investigation at midnight on October 23, 2018, an unidentified Indian agency known to be a user of Pegasus spyware made a note of three telephone numbers registered in his name.

For India’s top law enforcement official, this was a remarkable reversal of fortune.

Until his peremptory termination despite having three months of tenure to go, Verma had enjoyed the authority to order the surveillance of suspects – under norms prescribed by law.

But unknown to him at the time, the blow the Modi government delivered that night was accompanied by a second sucker punch: someone with the keys to India’s hush-hush spyware deployment system received authorisation to add Verma’s numbers to an extensive list of persons of interest selected for surveillance, The Wire has established.

The Wire investigated several hundred India numbers from a leaked database comprising 50,000 numbers believed to be linked to probable targets of Pegasus. Forbidden Stories, a

— source | Siddharth Varadarajan | 22/Jul/2021


Data breach reveals extensive government spying on journalists and political activists

A data breach of the Israeli spy company NSO Group has revealed that the company’s Pegasus software is being used by governments around the world to spy on political dissidents and journalists. The breach, obtained by French media non-profit Forbidden Stories and Amnesty International, included a list of 50,000 phone numbers targeted for infection with the Pegasus spyware.

Many identified targets of NSO’s software are prominent individuals, including hundreds of business executives, religious leaders, academics, union and government officials—including several yet to be named cabinet ministers, presidents and prime ministers—as well as employees of Non-Governmental Organizations (NGOs).

The list consists of at least 180 targeted journalists, with reporters, executives, and editors from the Financial Times, CNN, the New York Times, France 24, the Economist, Associated Press and Reuters, all identified by the Pegasus project. The Guardian, which

— source | 18 Jul 2021
