The IT Ministry on Thursday sought a detailed response from Facebook-owned messaging platform WhatsApp by November 4 after the company said an Israeli tech firm snooped on some selected WhatsApp users, including Indian journalists and human rights activists, in India.
In a lawsuit filed in a US federal court, WhatsApp alleged that Israel's NSO Group used spyware called 'Pegasus' to target over 1,400 WhatsApp users, a few of them in India. As per WhatsApp, the spyware targeted victims by giving missed calls on their mobile phones.
The attack was developed to access messages after they were decrypted on an infected device, abusing in-app vulnerabilities and the operating systems that power mobile phones. "WhatsApp cares deeply about the privacy and security of our users... which is why we provide end-to-end encryption for all messages and calls by default," said the company, adding it's the first time it had taken legal action against a private entity who had carried out this type of attack.
The number of victims in India was not high and the company has reportedly contacted each of the victims -- which included academics, lawyers, Dalit activists and journalists. The issue had come to the fore after cybersecurity experts at the Citizen Lab, an academic research group based at the University of Toronto's Munk School, studied the impact of this attack.