After Apple alert, Pegasus spyware found on iPhones of 2 Indian journalists: Amnesty report

At least two senior Indian journalists were recently targeted with Pegasus spyware, a joint probe by Amnesty International’s Security Lab and The Washington Post has found.

According to the report, the two journalists are The Wire’s founding-editor, Siddharth Varadarajan, and Anand Mangnale, the South Asia editor at The Organised Crime and Corruption Report Project. The latest identified case was reported in October this year, the report said.

Findings of the report

According to the Amnesty report, Mangnale’s phone was hacked when he was “working on a story about an alleged stock manipulation by a large multinational conglomerate in India,” while Varadarajan’s was targeted twice – in 2018 and October 16, 2023.

“The same attacker-controlled email address used in the Pegasus attack against Anand Mangnale was also identified on Siddharth Varadarajan’s phone, confirming that both journalists were targeted by the same Pegasus customer,” the report said.

“The Security Lab also identified an attacker-controlled email address used as part of the Pegasus attack on his (Mangnale’s) device. The recovered samples are consistent with the NSO Group’s BLASTPASS exploit, publicly identified by Citizen Lab in September 2021 and patched by Apple in iOS 16.6.1 (CVE-2023-41064).”

The spyware was reportedly detected after the phones of the two journalists were tested by the security lab. The journalists had given their iPhones to Amnesty for testing after, in October, received an alert from Apple that their devices were being targeted by “state-sponsored hacking.”

Apple’s alert and repercussions

In October, several Opposition leaders and journalists had claimed that they received an alert on their iPhones that they were being “targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple id.”

A latest report in The Washington Post said that following the alert by Apple, central government officials allegedly called the company’s representatives in India and demanded them to “soften the political impact of the warnings.”

The report claims an Apple security expert was summoned from abroad for a meeting in New Delhi and government representatives “put pressure” on the former to “come up with alternative explanations for the warnings to users”.

What is Pegasus spyware?

Notably, the spyware is a surveillance tool that is sold by NSO Group, its developer, exclusively to governments. As per trade data, India’s Intelligence Bureau had imported the technology from NSO Group in 2017.

The technology can help attackers to extract all information and contents on the targeted person’s smartphone and sell the information for money. The spyware works even though a phone is fully updated and can seamlessly access real-time camera and microphone data.

The Centre, however, has neither accepted nor denied buying or using it.

“Targeting journalists solely for doing their work amounts to an unlawful attack on their privacy and violates their right to freedom of expression. All states, including India, have an obligation to protect human rights by protecting people from unlawful surveillance,” The Hindu quoted Donncha O Cearbhaill, head of the Amnesty security lab as saying.