‘The phone numbers of over 40 Indian journalists appear on a leaked list of potential targets for surveillance, and forensic tests have confirmed that some of them were successfully snooped upon by an unidentified agency using Pegasus spyware,’ report Anuj Srivas and Kabir Agarwal in The Wire.
‘The leaked data includes the numbers of top journalists at big media houses like the Hindustan Times, including executive editor Shishir Gupta, India Today, Network18, The Hindu and Indian Express,’ they report, adding that ‘the presence of a phone number in the data does alone not reveal whether a device was infected with Pegasus or subject to an attempted hack. However, the Pegasus Project, a consortium of international news organisations, believes the data is indicative of potential targets identified in advance of possible surveillance attempts.’
Among the journalists whose names appear in the records are Sushant Singh, Shishir Gupta, Prashant Jha, Rahul Singh, Ritika Chopra, Muzammil Jaleel, Sandeep Unnithan, Manoj Gupta, Vijaita Singh, Swati Chaturvedi, Saikat Datta, Paranjoy Guha Thakurta, Smita Sharma, SNM Abdi Iftikhar Gilani and others.
The Wire’s founder-editors Sidharth Varadarajan and MK Venu, its diplomatic editor Devirupa Mitra and Rohini Singh also figure on the list.
The Wire said its analysis showed that most of these names were targeted between 2018 and 2019 -- in the run-up to the 2019 Lok Sabha general elections.
The Wire said the presence of a phone number in the data does alone not reveal whether a device was infected with Pegasus or subject to an attempted hack. However, the Pegasus Project, a consortium of international news organisations, believes the data is indicative of potential targets identified in advance of possible surveillance attempts.
‘Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack,’ it reported.
‘Pegasus is sold by the Israeli company, NSO Group, which says it only offers its spyware to “vetted governments”. The company refuses to make its list of customers public but the presence of Pegasus infections in India, and the range of persons that may have been selected for targeting, strongly indicate that the agency operating the spyware on Indian numbers is an official Indian one,’ the website added.
The list was accessed by France-based media non-profit, Forbidden Stories, and Amnesty International which they shared with 16 news organisations worldwide as part of a lengthy collaborative investigation called the Pegasus Project.
‘Working together, these news organisations -- which include The Guardian, the Washington Post, Le Monde and Suddeutsche Zeitung -- were able to independently identify the owners of over 1,571 numbers across at least 10 countries, and forensically examine a small cross-section of phones associated with these numbers to test for the presence of Pegasus,’ reports The Wire.
However, Israeli company NSO has disputed the claim that the leaked list is linked in any way to the functioning of its spyware. ‘In a letter to The Wire and other Pegasus Project partners, it initially said it had “good reason to believe” that the leaked data was “not a list of numbers targeted by governments using Pegasus”, but instead, may be part of “a larger list of numbers that might have been used by NSO Group customers for other purposes”,’ The Wire said.
‘However, the forensic testing of targeted phones has confirmed the use of Pegasus spyware against some of the Indian numbers on this list and has also established that this highly intrusive form of surveillance -- technically illegal under Indian law as it involves hacking -- is still being used to spy on journalists and others,’ the website added.