‘Operators in India Hacked’ UK Foreign Office Phones Using Pegasus

Two days before Boris Johnson’s first visit as prime minister to India, it has been revealed that ‘operators’ in India, the United Arab Emirates (UAE), Cyprus and Jordan used the Israeli spyware Pegasus to target phones of United Kingdom (UK) government officials between July 2020 and June 2021.

According to an analysis by Toronto-based Internet watchdog Citizen Lab—which has exposed the use of the NSO Group’s Pegasus by various governments, including India, several times—and reported by The New Yorker for the first time, the malware was also found on a device connected to 10 Downing Street.

A UK official confirmed to The New Yorker that the network was compromised. UK’s National Cyber Security Centre, a branch of British intelligence, tested several phones at Downing Street, including Johnson’s. “It’s a bloody hard job,” the official said adding that the agency was unable to locate the infected device. Therefore, the quality and quantity of data that could have been compromised were never determined.

“When we found the No. 10 case, my jaw dropped,” John Scott-Railton, a senior researcher at the Citizen Lab told the American weekly magazine. Another senior researcher Bill

— source newsclick.in | 19 Apr 2022

Nullius in verba

Mossad Members Dropped By NSO Officers To Run Off-The-Books Phone Hacks

Oh, NSO Group, is there anything you won’t do? (And then clumsily deny later?). If I were the type to sigh about such things, I surely would. But that would indicate something between exasperation and surprise, which are emotions I don’t actually feel when bringing you this latest revelation about the NSO’s shady dealings.

The Mossad used NSO’s Pegasus spyware to hack cellphones unofficially under the agency’s previous director, Yossi Cohen, several NSO Group employees said.

The employees, who asked to remain anonymous because of their confidentiality agreements with the company, said that Mossad officials asked NSO on several occasions to hack certain phones for them. The employees didn’t know why these hacks were requested.

There’s plenty that will shock no one about these allegations. First off, NSO Group has an extremely close relationship with the Israeli government. Top-level officials have paved the way for sales to countries like Saudi Arabia and the UAE, leveraging powerful spyware to obtain diplomatic concessions.

Second, NSO — like other Israeli malware merchants — recruits heavily from the Israeli government, approaching military members and analysts from intelligence agencies Shin Bet a

— source techdirt.com | Tim Cushing | Feb 24 2022

Nullius in verba

Rona Wilson’s Devices Hacked by two Groups of Hackers Employed by Same Entity

More skeletons are tumbling out of a closet in the matter pertaining to the allegations of malware and spyware planted on electronic devices used by activists implicated in the Bhima Koregaon case. Now, Sentinel Labs, another US-based cybersecurity firm (after Arsenal) has discovered more evidence of Rona Wilson’s devices being targeted.

According to Sentinel Labs, there are two separate sets of hackers who targeted Wilson’s devices. They were employed, possibly by the same entity that has “interests aligned with the Indian State”.

The curious case of the ModifiedElephant

One of the groups of hackers who targeted Wilson’s devices is an entity Sentinel Labs calls ModifiedElephant. A report by Sentinel Labs says, “ModifiedElephant is responsible for targeted attacks on human rights activists, human rights defenders, academics, and lawyers across India with the objective of planting incriminating digital evidence.” They also

— source sabrangindia.in | 11 Feb 2022

Nullius in verba

Indian Leadership Showed ‘Specific Interest’ in Pegasus

The secret deal between India and Israel for the sale of Pegasus in 2017 was struck at the ‘highest levels’ of each country’s political and intelligence leadership and flowed from the Modi government’s ‘specific interest’ in and ‘specific emphasis’ on acquiring the controversial spyware, Israeli investigative journalist Ronen Bergman told The Wire on Monday.

The video and transcript of the interview will be published on YouTube and The Wire later today.

Bergman, who has spent years covering Israel’s intelligence and military establishment and has followed the NSO Group since its inception in 2007, jointly reported last week’s explosive New York Times story with Mark Mazzetti on Pegasus, which they called the ‘world’s most powerful cyberweapon’. Speaking to The Wire via Zoom from his home in Tel Aviv,

— source thewire.in | Siddharth Varadarajan | 01/Feb/2022

Nullius in verba

Why Did RSS-Linked GVF Intervene in SC to Stop West Bengal Probe Commission on Pegasus Snooping?

On December 17, a bench of the Supreme Court, headed by Chief Justice of India N V Ramana, and Justices Surya Kant and Hima Kohli, stayed the proceedings of the two-member Commission of Inquiry headed by retired Supreme Court judge Justice Madan B Lokur, including former Chief Justice of the Calcutta High Court, Justice Jyotirmay Bhattacharya, which was constituted by the West Bengal government to probe allegations that Israeli spyware Pegasus had been used to illegally infiltrate the mobile phones of politicians, journalists and activists.

The apex court bench’s decision was based on a petition filed by a Delhi-based “think-tank” named Global Village Foundation Public Charitable Trust. The petitioner was represented by senior advocates Harish Salve (former Solicitor General of India) and Mahesh Jethmalani.

— source newsclick.in | Ravi Nair, Abir Dasgupta | 31 Jan 2022

Nullius in verba

Who hacked Poland’s opposition?

In July 2021, an international consortium of journalists published an in-depth investigation revealing how a range of autocratic states, such as Azerbaijan, Saudi Arabia, Rwanda and Morocco, used the Israeli Pegasus spyware to snoop on politicians, correspondents and human rights activists. The only EU country known to have utilized the software was Hungary.

Now, half a year later, details are emerging that suggest Poland’s incumbent government, led by the national-conservative Law and Justice (PiS) party, may be mired in a Pegasus scandal of its own. Krzysztof Brejza, a leading lawmaker with the opposition Civic Platform (PO), said in late December 2021 that his smartphone had been hacked 33 times between April and October 2019.

During this time, Brejza directed his party’s election team ahead of the parliamentary polls on October 13, 2019. During this period, Polish public broadcaster TVP accused Brejza of waging a vitriolic campaign against his political enemies, citing fake emails to back up the claim. Brejza said he thinks the timing of the accusation was “no coincidence.”

— source dw.com | Jacek Lepiarz | 05.01.2022

Nullius in verba

Privatization of digital espionage

Apple has released an emergency software update to fix a security flaw in its iPhones and other products researchers found was being exploited by the Israeli-based NSO Group to infect the devices with its Pegasus spyware. Over 1.65 billion Apple products in use around the globe were vulnerable to the spyware since at least March. Apple said vulnerable devices could be hacked by receiving a malicious PDF file that users don’t even have to click, known as “zero-click” exploit. The flaw was discovered by the University of Toronto’s Citizen Lab, which found the hack in the iPhone records of a Saudi political activist. Earlier this year, a massive data leak revealed Pegasus software had targeted the phones of thousands of journalists, activists and political figures around the world for foreign governments and NSO Group clients.

we and others, our partners at Amnesty International, other research groups, have been tracking, broadly speaking, the commercial spyware market for many years now. And NSO Group first came on our radar, you will recall, back in 2016, when we discovered it was being used by the United Arab Emirates to target a human rights defender named Ahmed Mansoor. Ever since then, we and others have documented extensive abuses of this company’s technology.

So, not surprisingly, when

— source democracynow.org | Sep 15, 2021

Nullius in verba

An explainer on the Pegasus Spyware

The recent Pegasus Project revelations of about half a lakh people across the world, including several in India, being targeted for cyber surveillance has firmly brought the spotlight on the Pegasus spyware, which is widely understood to be the most sophisticated smartphone attack tool. The revelations also mark the first time that a malicious remote jailbreak exploit had been detected within an iPhone.

Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple’s iOS & Google’s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to “vetted governments” for “lawful interception”, which is understood to mean combating terrorism and organised crime, as the firm claims, but suspicions exist that it is availed for other purposes.

NSO Group’s majority ownership vests its co-founders Omri Lavie and Shalev Hulo, and the European private equity fund Novalpina Capital. An American private equity firm,

— source theleaflet.in | Prashant Pandey | 21 Jul 2021

Nullius in verba

Digital Evidence in the Shadow of Pegasus

In the recent Arjun Khotkar ruling, the apex court laid down the law relating to section 65B of the Evidence Act, 1872. However, after the Pegasus controversy, coupled with other episodes that reveal how easy it is to invade the electronic devices of any individual, more elaborate directions are needed.

Pegasus, the spyware developed by the Israeli cyber arms firm NSO Group, can easily infect electronic devices such as laptops and mobile phones. It can then read messages, track the location, access the device microphone and camera, etc of an unsuspecting user. It can avoid detection by antivirus and get deactivated remotely.

Considering how sophisticated Pegasus is, the only probable way to deal with this virus is to get rid of the phone. The gravity of the matter is such that after a hacking episode, WhatsApp admitted the data of its users was compromised and filed a suit in

— source theleaflet.in | Abhay Nevagi | 03 Aug 2021

Nullius in verba