Maharashtra activists spied on by Israeli security firm tell Firstpost how Citizen Lab helped uncover conspiracy

On Wednesday, The Indian Express reported that 'at least two dozen academics, lawyers, Dalit activists and journalists in India were contacted and alerted by WhatsApp that their phones had been under state-of-the-art surveillance for a two-week period until May 2019'

Greeshma Kuthar and Parth MN October 31, 2019 14:07:39 IST
Maharashtra activists spied on by Israeli security firm tell Firstpost how Citizen Lab helped uncover conspiracy
  • In May, WhatsApp located an attempt of a cyber attack through their video calling feature

  • The aim was to bug a particular phone with spyware

  • On 30 October, 2019, WhatsApp filed a suit in Federal Court claiming an Israeli Technology company called NSO group was behind it

On Wednesday, The Indian Express reported that "at least two dozen academics, lawyers, Dalit activists and journalists in India were contacted and alerted by WhatsApp that their phones had been under state-of-the-art surveillance for a two-week period until May 2019". Firstpost has located three such people: Nagpur-based lawyer-activist Nihalsingh Rathod, Pune-based cultural activist Rupali Jadhav and Gadchiroli-based lawyer and human rights activist Jagdish Meshram.

On 7 October, Rathod received a message on WhatsApp from an international number. The person identified himself as John Scott-Railton, and said he was a senior researcher at the Citizen Lab of the University of Toronto in Canada. "The Citizen Lab works on tracking internet threats against civil society," the message read, "I encourage you to do a little googling to figure out more about me and the Citizen Lab if you are suspicious."

He proceeded by sending the url of Citizen Lab website, and his own email address in case Rathod wanted to "check that [he was] real".

"I am lightly familiar with your work based on our research into an ongoing case, and this message concern a specific digital risk that we believe you face," John wrote, "I would like to set up a quick time to chat. Again, I apologise for the strangeness of such a contact, and understand it may be disconcerting. Unfortunately, there is no better way to do this kind of thing."

Maharashtra activists spied on by Israeli security firm tell Firstpost how Citizen Lab helped uncover conspiracy

John Scott-Railton's chats with Nihalsingh Rathod. Screenshots procured by Parth MN

Rathod is a human rights lawyer and activist who has been fighting the Bhima-Koregaon case against the state government of Maharashtra. "Citizen Lab wanted to ask me if I had received any strange messages or emails," he said, "I told them of an email I received from an address I didn’t expect to."

Meshram said he received video calls from international numbers. He said he tried picking them up, but the call would disconnect. Between 7 April and 15 May, he received 15 to 20 such video calls. In The Washington Post, Will Cathcart wrote, "A user would receive what appeared to be a video call, but this was not a normal call. After the phone rang, the attacker secretly transmitted malicious code in an effort to infect the victim’s phone with spyware. The person did not even have to answer the call."

Maharashtra activists spied on by Israeli security firm tell Firstpost how Citizen Lab helped uncover conspiracy

(left) Rathod's chat with John, (centre) the message from WhatsApp, (right) Rathod's email to his contacts. Screenshots procured by Parth MN

On 28 October, Jadhav received messages from John, who introduced himself in a similar manner.  She is a cultural activist with the Kabir Kala Manch. John proceeded to inform Jadhav that he was familiar with who she is, based on the research that the Citizen Lab was pursuing in what he called an 'ongoing case'. He mentioned that the message concerned a 'specific cyber risk' that they believe she faced earlier in 2019.

John went on to request Jadhav for a time to speak over the phone — a request to which she is yet to acquiesce. Jadhav subsequently received messages from WhatsApp where the reasons for the message to her was stated as:

"In May, we stopped an attack where an advanced cyber actor exploited our video calling to install malware on user devices. There’s a possibility this phone number was impacted, and we want to make sure you know how to keep your mobile phone secure".

Maharashtra activists spied on by Israeli security firm tell Firstpost how Citizen Lab helped uncover conspiracy

(left) Rupali Jadhav's WhatsApp chat with John, (right) the message from WhatsApp. Screenshot procured from Jadhav's Facebook post

Jadhav accessed links mentioned in the message titled 'how to stay secure'. "When I went through what is mentioned under ‘help on video calling cyber attack’, it had instructions, one of them saying that I should get a new handset to evade further privacy concerns. I should now get a new phone for no fault of mine?" she asked, adding that she had just purchased her handset. This incident is likely to dent WhatsApp's credibility, a private messaging service, which prides itself on its end to end encryption.

In May, WhatsApp located an attempt of a cyber attack through their video calling feature. The aim was to bug a particular phone with spyware. On 30 October, 2019, WhatsApp filed a suit in Federal Court claiming an Israeli Technology company called NSO group was behind it. In a piece in The Washington Post, Will Cathcart, head of WhatsApp, which is owned by Facebook, thanked Citizen Lab for helping them with the investigation. "We’re grateful to experts at the Citizen Lab at the University of Toronto for their work in this regard," he wrote, "They volunteered to help us understand who was affected by the attack and engaged with journalists and human rights defenders to help them better protect themselves in the face of these threats."

The lawsuit filed by WhatsApp says NSO targeted about 1,400 WhatsApp users with a spyware called Pegasus. “Indian journalists and human rights activists have been the target of surveillance and while I cannot reveal their identities and the exact number, I can say that it is not an insignificant number,” a WhatsApp spokesperson told The Indian Express.

Updated Date:

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.

also read

Happy Lohri 2021: How to download, curate WhatsApp stickers for Lohri
News & Analysis

Happy Lohri 2021: How to download, curate WhatsApp stickers for Lohri

WhatsApp has limited stickers in its featured sticker packs, so here is how you can curate your own stickers or download sticker apps from the app store.

Signal to soon roll out chat wallpapers, animated stickers and more features for users in India
News & Analysis

Signal to soon roll out chat wallpapers, animated stickers and more features for users in India

For iOS users, Signal will be coming out with media auto-download settings and full-screen profile photos.

How to move WhatsApp group chats to Signal messaging app
News & Analysis

How to move WhatsApp group chats to Signal messaging app

The Signal app has become the top free app on the Play Store and App Store in India.