Rampant Use of Spyware Against Indian Journalists, Report Says
Amnesty International Reveals New Evidence of Pegasus Deployment
Newsreel Asia Insight #87
Dec. 29, 2023
There is new evidence of the ongoing use of Pegasus spyware against Indian journalists, says a report released on Dec. 28 by Amnesty International and The Washington Post. This comes about two months after Apple alerted iPhone users globally, including over 20 journalists and opposition politicians in India, about potential targeting by state-sponsored attackers.
This invasive surveillance tool, developed by the Israeli surveillance firm NSO Group, has been deployed against journalists, including like Siddharth Varadarajan, Founding Editor of The Wire, and Anand Mangnale, South Asia Editor at The Organised Crime and Corruption Report Project (OCCRP), according to the report. The latest case was identified in October 2023.
Forensic analysis by Amnesty International on devices of those alerted, including Varadarajan and Mangnale, confirmed Pegasus spyware activity. Mangnale’s phone showed evidence of a zero-click exploit sent via iMessage on Aug. 23, potentially installing Pegasus. This exploit, linked to an attacker-controlled email address, matched NSO Group’s BLASTPASS exploit, identified by Citizen Lab and patched by Apple.
A “zero-click exploit” is a type of harmful software that can install spyware on a device even without the user clicking a link.
Mangnale was investigating a story on alleged stock manipulation by a multinational conglomerate in India when targeted, the report notes. The extent of the compromise on his device remains unclear. Varadarajan, previously targeted by Pegasus in 2018, was attacked again on Oct. 16, 2023. The same email address linked to Mangnale’s attack was found on Varadarajan’s phone, suggesting a common perpetrator, according to the report, which says, however, that there’s no indication of a successful breach in this instance.
The use of Pegasus in India aligns with a broader crackdown on freedom of expression and assembly, the report says, adding that this has significantly impacted civil society, journalists, and activists.
“Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation,” says Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab. “Despite repeated revelations, there has been a shameful lack of accountability about the use of Pegasus spyware in India which only intensifies the sense of impunity over these human rights violations.”
The Security Lab first noticed signs of renewed Pegasus threats in India in June 2023, the report notes, adding that this followed reports of the Indian government’s interest in acquiring new commercial spyware, the report says.
In 2021, following the Pegasus Project revelations, the Supreme Court of India established a technical committee, which analysed Varadarajan’s devices but allegedly faced non-cooperation from Indian authorities, the report says, and adds that the committee’s findings remain undisclosed.
Meanwhile, NSO Group responded to The Washington Post, reiterating that it only sells to vetted law enforcement and intelligence agencies for combating terror and major crime. The company maintains it does not target journalists, lawyers, human rights defenders or political dissidents.
Despite NSO Group’s claims, the Indian government has not clarified its use or procurement of Pegasus spyware, the report underlines.
Amnesty International says it has urged all countries, including India, to ban highly invasive spyware and called for the release of the Supreme Court Technical Committee Report on Pegasus use in India. The organisation has also demanded an independent investigation into targeted surveillance cases.
Background checks reveal that India’s Intelligence Bureau received hardware from NSO Group in April 2017, coinciding with the earliest identified Pegasus attacks in India in July 2017. Amnesty International and Citizen Lab’s 2020 report highlighted the targeting of human rights defenders in India using commercial spyware. The 2021 Pegasus Project further exposed the widespread use of Pegasus against civil society members and journalists in India.
“In October 2022, OCCRP reported based on analysis of commercial trade databases, that India’s main domestic intelligence agency, the Intelligence Bureau, got a shipment of hardware from NSO Group matching the description of equipment used to run the Pegasus system in April 2017,” the report says.
The report concludes by encouraging human rights defenders, activists or journalists who have received security alerts to seek digital forensics support from Amnesty International.
