Another Pegasus strike: Siddharth Varadarajan targeted again, Amnesty International confirms
The original report was published by Amnesty International's Security Lab on its official website. You can read the original report by clicking here.
In collaboration with The Washington Post, Amnesty International has brought to light alarming revelations regarding the persistent utilization of the Pegasus spyware, developed by the NSO Group. The investigative findings expose the deliberate targeting of prominent journalists in India, a group that includes individuals who have previously fallen victim to attacks involving the same intrusive spyware.
The forensic investigations conducted by Amnesty International's Security Lab have substantiated that Siddharth Varadarajan, the Founding Editor of The Wire, and Anand Mangnale, the South Asia Editor at The Organised Crime and Corruption Report Project (OCCRP), are among the journalists who have recently been subjected to targeting with the Pegasus spyware on their iPhones. Notably, the latest identified case of such targeting occurred in October 2023.
The deployment of Pegasus, an exceptionally intrusive spyware, originated from the Israeli surveillance firm NSO Group. This development coincides with an unparalleled crackdown by Indian authorities on the freedom of peaceful expression and assembly. The far-reaching consequences of this crackdown are evident in the substantial chilling effect it has had on civil society organizations, journalists, and activists.
“Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation,” said Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab.
“Despite repeated revelations, there has been a shameful lack of accountability about the use of Pegasus spyware in India which only intensifies the sense of impunity over these human rights violations.”
Forensic evidence has brought to light renewed Pegasus spyware threats targeting individuals in India, as initially detected by Amnesty International's Security Lab. The observation of these indications occurred during a routine technical monitoring exercise in June 2023. This discovery comes several months subsequent to media reports indicating the Indian government was seeking to procure a new commercial spyware system.
In October 2023, Apple issued a new round of threat notifications globally to iPhone users who may have been targeted by “state-sponsored attackers”. More than 20 journalists, and opposition politicians in India were reported to have received the notifications.
Consequently, Amnesty International's Security Lab initiated a forensic analysis on the phones of individuals worldwide who had received these threat notifications, among them Siddharth Varadarajan and Anand Mangnale. The examination revealed discernible traces of Pegasus spyware activity on the devices belonging to both Indian journalists.
Evidence retrieved by the Security Lab from Anand Mangnale's device revealed the presence of a zero-click exploit. This exploit was transmitted to his phone via iMessage on 23 August 2023 and was specifically crafted to clandestinely install the Pegasus spyware. Notably, the targeted phone was operating on iOS 16.6, the most recent version available at that time.
A zero-click exploit refers to malicious software that enables spyware to be installed on a device without requiring any user action from the target, such as clicking on a link.
In addition, the Security Lab uncovered an attacker-controlled email address employed as part of the Pegasus attack on Anand Mangnale's device. The recovered samples align with the NSO Group's BLASTPASS exploit, which was publicly identified by Citizen Lab in September 2023. Notably, this exploit was subsequently addressed and patched by Apple in iOS 16.6.1, with the assigned CVE being CVE-2023-41064
Anand Mangnale’s phone was vulnerable to this zero-click exploit at the time of the attack. It is currently unclear if the exploit attempt resulted in a successful compromise of his device.
The attempted targeting of Anand Mangnale’s phone happened at a time when he was working on a story about an alleged stock manipulation by a large multinational conglomerate in India.
Amnesty International has a documented history of Siddharth Varadarajan being targeted and infected with Pegasus spyware in 2018. Subsequently, his devices underwent forensic analysis by a technical committee established by the Supreme Court of India in 2021 following the Pegasus Project revelations.
In 2022, despite the committee concluding its investigation, the Supreme Court did not make the technical report's findings public. The court highlighted that Indian authorities "did not cooperate" with the committee's investigations.
On 16 October 2023, Siddharth Varadarajan was targeted once again with Pegasus. The same attacker-controlled email address, identified in the Pegasus attack against Anand Mangnale, was also found on Siddharth Varadarajan's phone. This confirms that both journalists were targeted by the same Pegasus customer. There are no indications that the Pegasus attack was successful in this case.
Donncha Ó Cearbhaill, speaking on behalf of Amnesty International, emphasized that targeting journalists for their work constitutes an unlawful invasion of privacy and violates their right to freedom of expression. Ó Cearbhaill called on all countries, including India, to prohibit the use and export of highly invasive spyware that cannot be independently audited or limited in functionality.
In response to these findings, Reporters at The Washington Post reached out to NSO Group. The company, while refraining from commenting on specific customers, reiterated that all customers are vetted law enforcement and intelligence agencies, emphasizing the intended use of their technologies in combating terror and major crime. NSO Group maintained that their policies and contracts include mechanisms to prevent the targeting of journalists, lawyers, human rights defenders, or political dissidents not involved in terror or serious crimes. They asserted having no visibility into targets or collected intelligence.
NSO Group stated that it sells its products exclusively to government intelligence and law enforcement agencies. However, Indian authorities have not provided clarity or transparency on whether they have procured or used Pegasus spyware in India.
Amnesty International called for the immediate release of the Supreme Court Technical Committee Report on Pegasus use in India and urged the Indian government to conduct an independent, transparent, and impartial investigation into all cases of targeted surveillance. The organization also advocated for the public disclosure of information about any past, present, or future contracts with private surveillance companies, including NSO Group.
“Amnesty International is calling on all countries, including India, to ban the use and export of highly invasive spyware, which cannot be independently audited or limited in its functionality,” said Donncha Ó Cearbhaill.
In October 2022, OCCRP disclosed, based on an analysis of commercial trade databases, that India's primary domestic intelligence agency, the Intelligence Bureau, received a shipment of hardware from NSO Group in April 2017. The hardware matched the description of equipment used to operate the Pegasus system. The earliest Pegasus attacks identified by Amnesty International in India occurred in early July 2017.
In 2020, Amnesty International and Citizen Lab unveiled a coordinated operation targeting human rights defenders in India, employing commercial off-the-shelf spyware.
In 2021, as part of the Pegasus Project, Amnesty International, in collaboration with Forbidden Stories, exposed the targeting and infection of numerous civil society members and journalists in India through the use of NSO Group's Pegasus spyware. Siddharth Varadarajan was among those affected.
The original report was published by Amnesty International's Security Lab on its official website. You can read the original report by clicking here.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Bengaluru: Tension at railway station over consignment of meat
Bengaluru, Jul 26: Tension prevailed at the Bengaluru City Railway Station when a consignment of meat weighing about three tonnes loaded in about 150 cartons reached here from Jaipur in a train on Friday night, railway sources said.
Puneeth Kerehalli, a cow vigilante, earlier jailed on murder charge, claimed it was dog meat. However, meat dealer Abdul Razzaq, who had ordered the meat, dismissed the charge.
The consignment was ordered legally and it is not dog meat but sheep meat, he said.
"We have legal documents to prove it. One can see the tail of the animal that was slaughtered. It's sheep and not dog," the meat trader said.
He alleged that Kerehalli wanted to make money by levelling false accusation.
Due to the commotion, a large number of people gathered there, and seeing the situation, police have been deployed.
