A parliamentary standing committee headed by Congress leader Shashi Tharoor will take up the WhatsApp snooping case in its next meeting on November 20, sources said on 6 November 2019. Two parliamentary panels headed by Congress leaders have decided to examine the WhatsApp snooping case and will seek details from top government officials including the home secretary.
- Tharoor, who heads the parliamentary standing committee on information technology, said in a letter to his panel members that alleged use of the technology for snooping on Indian citizens was a matter of "grave concern" and it would be discussed at the committee's next meeting on November 20.
- Earlier, Facebook-owned WhatsApp said Indian journalists and human rights activists were among those globally spied upon by unnamed entities using an Israeli spyware Pegasus.
How does Pegasus come into your phone?
- The code is transmitted by calling the target phone on WhatsApp. The code enters the phone even if the call is not answered.
- According to some reports, the log of that call gets erased. According to The Citizen’s Lab of the University of Toronto, which worked with WhatsApp on identifying spyware victims, this is only one of the ways of delivering Pegasus.
- It notes several other cases such as alarming SMSs that prompt targets to click on a link
What does Pegasus do?
- Once installed, Pegasus can send the target’s contacts, calendar events, phone calls and messages on communication apps like WhatsApp and Telegram to the spyware’s controller.
- It could steal messages from even services that offer encryption because it was taking the messages before the encryption process.
- The controller can also turn the phone into a spying device by switching on its camera or microphone.
Who was targeted?
- According to reports, over 100 human-rights activists, lawyers, and journalists were targeted across the globe. This included several lawyers and journalists in India.
- Apple’s iOS security update 9.3.5 take care of the vulnerability exploited by Pegasus. Google, in an earlier blogpost, says it identifies infected Android phones and disable the malware and informs the targets.