The case against a jailed Indian activist has come under renewed scrutiny after it was revealed that the man, a critic of the government, had his phone hacked using controversial Israeli spyware, the Guardian reported.
The report published Friday said an analysis of Rona Wilson’s phone by experts from Amnesty International found that it was infected with Pegasus spyware, developed by the NSO Group, between July 2017 and March 2018, some three months before he was arrested on terror-related charges.
Amnesty’s investigation found that during that period, Wilson’s phone was targeted with 15 text messages containing links to install the Pegasus spyware and compromise the device.
The report said Wilson was part of a network of advocates for the rights of indigenous communities and Indians who are members of low castes. Members of the network have been detained since 2018.
The report said research carried out by US digital forensic science firm Arsenal Consulting found that evidence had been planted on the computers of some of those detained, including Wilson.
Wilson’s phone number was on a list of targets for the software that was published earlier this year as part of the Pegasus Project, an investigation into the use of the spyware by news organizations and a French nonprofit.
When asked about Wilson, NSO Group gave a statement to the Guardian: “Without addressing specific countries and customers, the allegations raised in this inquiry are not clear.
“Once a democratic country lawfully, after due process, uses tools to investigate a person suspected in an attempt to overthrow a [democratically elected] government, this would not be considered a misuse of such tools by any means.”
NSO Group has faced a torrent of international criticism over allegations it helps governments spy on dissidents and rights activists. NSO insists its product is meant only to assist countries in fighting crime and terrorism.
The firm’s flagship spyware, Pegasus, is considered one of the most powerful cyber-surveillance tools available on the market, giving operators the ability to effectively take full control of a target’s phone, download all data from the device, or activate its camera or microphone without the user knowing.
Critics say that in India it is part of a growing assault on dissent and civil liberties under the Hindu nationalist government of Prime Minister Narendra Modi.
India was one of 45 countries where tens of thousands of numbers were targeted by the spyware, according to leaked documents released this year.
The Indian government has said it will not deny or confirm the use of Pegasus because of national security.
In October, India’s Supreme Court ordered an independent investigation into the alleged government use of Pegasus on journalists, opposition politicians, and activists, with the chief justice calling the implications “Orwellian.”
The United States Department of Commerce has blacklisted NSO, restricting the Herzliya-based firm’s ties with American companies over allegations that it “enabled foreign governments to conduct transnational repression.”
In addition, Apple sued NSO Group for targeting the users of its devices, saying the firm at the center of the Pegasus surveillance scandal needs to be held accountable.
Apple is also seeking unspecified damages from NSO Group over what it says is the time and money it cost to respond to the spyware maker’s alleged abuse of its products, adding in its statement that it would donate any payouts to organizations that expose such spyware.
It was the second time NSO Group was targeted by a major US tech firm, with Facebook suing the Israeli company in 2019 for alleged targeting users of its WhatsApp messaging application.
A US Court of Appeals has rejected a motion by NSO Group to throw out Facebook’s suit against it. In a 3-0 vote, the court rejected NSO’s defense that it “could claim foreign sovereign immunity,” opening up the firm to additional suits such as the one filed by Apple.
Last month, the Moody’s credit rating agency published figures indicating that NSO Group is at growing risk of defaulting on about $500 million of debt amid upcoming cash flow issues following the US blacklisting.
Meanwhile, the Defense Ministry has dramatically scaled back the number of countries to which Israeli companies can sell cyber technologies amid global fallout over NSO Group, according to a report last month. The updated November list consists of 37 countries, down from 102, according to the Calcalist business news daily.
Countries with questionable human rights records, including Israel’s new allies Morocco and the UAE, have been removed, the report said.
Other dropped countries include Saudi Arabia and Mexico. The Saudis allegedly used NSO’s Pegasus spyware to monitor Washington Post journalist Jamal Khashoggi, who was killed in the Saudi Consulate in Istanbul in 2018. Mexico has also been said to use the surveillance technology on journalists and activists.
However, India remains on the updated list.