Late in the evening on October 28, Delhi-based freelance journalist Rajeev Sharma received a phone call. The caller identified himself as John Hilton, a researcher from CitizenLab, a Canada-based internet research agency. Sharma was warned that his phone had been under surveillance for two weeks until May 2019. He was not alone. It turns out that the phones of several dozen Indian journalists, lawyers and activists were hacked using an invasive Israeli-developed malware. A lawsuit was filed against Israeli cyber intelligence firm NSO by WhatsApp and its parent company Facebook in a US court in California on October 29, accusing it of using their messaging platform to dispatch ‘Pegasus’, a hacking tool named after a winged horse from Greek mythology, to approximately 1,400 mobile phones and devices worldwide.
While India was not specifically mentioned in the complaint, several Indian activists and journalists came forward to confirm they had received messages warning that they had been under state-of-the-art surveillance in May. The list of individuals under surveillance reportedly included human rights activists active in Maharashtra and Chhattisgarh. The names reported by the website Newslaundry include Shalini Gera, Rupali Jadhav, Nihalsingh Rathod, Bela Bhatia, Degree Prasad Chauhan, Anand Teltumbde, Shubhranshu Choudhary, Saroj Giri, Vivek Sundara, Ashish Gupta and Ankit Grewal.
WhatsApp discovered the vulnerability in May and messaged its 1.5 b