The WhatsApp communications app is seen on a smartphone.
Hackers were able to remotely install surveillance software on phones and other devices by using a major vulnerability in the messaging app.
India has asked Facebook-owned WhatsApp to explain the nature of a privacy breach on its messaging platform that has affected some users in the country, Information Technology Minister Ravi Shankar Prasad said on Thursday.
Lawyer Nihalsing Rathod, who has defended human rights activists arrested after caste-based violence broke out in the western state of Maharashtra in August 2018, told BBC Marathi that his phone had been targeted.
The digital assault happened on individuals ranging from Africa, Asia, Europe, the Middle East and North America "that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses".
The hacks would have given the attackers (which the victim lawyers are now assuming to have been the government) basically unfettered access to any documents on the lawyers' smartphones, allowing monitoring of their location, microphone, calls and even live video feeds. The said spyware reportedly aimed to attack both the human rights advocates and journalists. "In May we quickly resolved a security issue and notified relevant Indian and worldwide government authorities", an organization spokesperson stated in an announcement.
"The government is committed to protecting the privacy of all Indian citizens". The company has declined to comment on the identities of NSO Group's clients, who ultimately chose the targets. "It is how we have our most private conversations and where we store our most sensitive information".
Despite NSO's denial, WhatsApp said it was confident about its accusation as the company has evidence of the software development company's involvement in the spyware, specifically, its attack.
But activists whose WhatsApp numbers were breached have started to come forward, triggering outcry in the country.
"It is an open secret that many technologies branded for law enforcement investigations are used for state-on-state and political espionage", said John Scott-Railton, a senior researcher with CitizenLab. Citizen Lab exposed the surveillance by Pegasus and flagged WhatsApp about it.
"I just wonder how well that #Libra project will work once you encounter a transaction you won't be a fan of".
According to WhatsApp, the attackers made the calls from WhatsApp accounts that were created for the objective of infecting other WhatsApp users.
The assault, in response to WhatsApp, exploited its video calling system in an effort to ship malware to the cellular units of quite a lot of customers. The emails show Andhra Pradesh Police Intelligence wanted to procure telephone interception tools right after Chandrababu Naidu's phone calls were leaked to the press in July 2015.
The publication learnt that at least 24 Indian academics, lawyers, Dalit activists and journalists were contacted by WhatsApp and alerted that their phones had been under state-of-the-art surveillance for at least two weeks until May 2019.
The usage of Pegasus spyware by powerful agents to spy on Indian activists was not a surprise to numerous country's human rights defenders and members of civil society.