Indian journalists, human rights activists and civil society organisations were not only targeted through the Pegasus spyware but also through email malware, Amnesty International has claimed.
These emails were sent out between September and October, and were customised to appeal to the interests of individual users, reported The Wire on Thursday. Amnesty International’s “Technology and Human Rights” programme discovered the digital attacks last month.
The targets received the malware through emails with subject lines designed to be relevant to them, and the content resembling a file-sharing service such as Google Drive or Dropbox. To avoid suspicion, the emails were sent using names such as Sneha Patil, Payal Shastri, and Jennifer Gonzales. Some of the subject lines were: “Reminder summons for rioting case”, “Pune SHO sexually abuse journalists” and “Re: Summons notice for rioting case Cr.24/2018”.
The malicious program was couched in a PDF file that the targets were requested to download. The malware got installed on the device while the file appeared, giving the attacker full visibility and control of the computer. The hacker could then access the target’s files, camera, take screenshots and record everything being typed on the keyboard.
Amnesty said it was investigating which groups were behind the attacks. Till now the malware has affected only Windows systems. The organisation said receiving the email does not necessarily mean the user’s computer has been infected.
Amnesty said anyone who suspects they may have been targeted should not click on links, attachments and media in suspicious emails. Such users should forward the email to firstname.lastname@example.org for investigation, it added. “You should remain vigilant to similar future attacks,” Amnesty advised journalists and activists. “Attackers might try to target you including via Twitter DM, Facebook Message or WhatsApp. Do not click on any suspicious links.”
Some of those who were targeted in this malware attack, according to The Wire, are Delhi University English Professor Prem Kumar Vijayan, Dalit rights activist and People’s Union for Civil Liberties Chhattisgarh state President Degree Prasad Chouhan, the Jagdalpur Legal Aid Group and one of its lawyers Isha Khandelwal, Nagpur-based human rights lawyer Nihalsing Rathod, Kolkata-based molecular biologist Partho Sarothi Ray, and a reporter in Mumbai.
Chouhan and Rathod were among those who were targeted in the Pegasus spyware attack in May. The government told Parliament on Wednesday that the personal data of at least 20 WhatsApp users was accessed in the cyberattack in which 121 Indians were targeted. The spyware was developed by an Israeli company that claimed the software was sold to only government agencies. The government, however, has denied its role in the illegal surveillance of the devices while Congress leader Digvijaya Singh has demanded a Joint Parliamentary Committee inquiry.
The Parliamentary Standing Committee on Information Technology is also looking into the matter. On November 19, as many as 17 of the human rights activists, scholars and journalists targeted using the spyware urged the committee to summon officials from relevant government departments to investigate unauthorised surveillance operations. They urged the panel to ask the officials if they had purchased and deployed Pegasus.