Pegasus spyware targets Bangladesh-Indian government phones


While it has been revealed that UK government officials have been infected with the NSO Group’s infamous Pegasus spyware, which can activate a phone’s camera or microphone and harvest its data, according to a credible source, this spyware is also targeting dozens of mobile phones used by officials in Bangladesh and India.

In UK, Pegasus has hit phones both in the Prime Minister’s Office as well as the Foreign Commonwealth Office, involving personnel in many countries, and devices located abroad and using foreign SIM cards, according to Amnesty International’s latest investigation.

At the same time, the Citizen Lab has found evidence, corroborated by Amnesty’s Tech Lab, of the extensive use of the spyware against Catalans using Pegasus and Candiru.

In this case, it includes members of the European Parliament, Catalan presidents, legislators, jurists and members of civil society organizations.

The latest scandal comes as the European Parliament has voted to investigate abuses of Pegasus by European member states.

“The Pegasus revelations laid bare how the surveillance industry is out of control, unaccountable and unconstrained”, said Likhita Banerji, technology and human rights researcher at Amnesty International.

Publicizing these abuses is part of an international collaboration between Amnesty and media organizations in 10 countries to highlight how phones are being weaponized against individuals.

Amnesty believes that the unlawful use of targeted surveillance technologies against journalists and other members of civil society has caused a digital surveillance crisis.

“It has exposed how current regulatory tools are not fit for purpose and stronger spyware regulation and urgent accountability are needed,” Banerji told reporters.

The most recent discoveries provide more evidence of the rise in spyware that is delivered through zero-click attacks.

While WhatsApp has been found to be used, it’s not the only means.

Zero-click attacks do not require any action by the user and can be delivered in messaging apps, as well as while viewing a PDF or email and through Wi-Fi vulnerabilities.

These attacks can exploit zero-day vulnerabilities, known exploits that remain unpatched, or attack vectors discovered and exploited before the developer can address it.

The rise in zero-click at tacks driven by the growing use of surveillance software and the range of people targeted — company executives, investigative journalists, activists, politicians and world leaders — has heightened the concern among human rights groups.


Please enter your comment!
Please enter your name here