In the vulnerability, a WhatsApp user could receive what appears to be a video call and even if the call is unanswered, the attacker could transmit malicious code to infect the victim’s phone with spyware. Another NSO Group software, Pegasus, was used to install spying software on devices between August 2016 and August 2018 by Toronto-based Citizen Lab.
The NSO Group claims to sell surveillance
technology to governments globally only for the purposes of fighting terrorism and crime but has been accused of selling to governments that have a track record of spying on its citizens.
In response to a Right to Information request, asking if the government has bought from the NSO Group, filed by activist Saurav Das, the MHA said it had no information on the issue. The Opposition and experts did not take kindly to the government’s stand. “I am extremely concerned and I am sure the parliamentary committee on information technology would share my concerns. However, the story only broke after our last meeting. I intend to consult other members by email on the matter. In any case, cybersecurity is a major issue on our agenda and we are definitely going to take this up under that rubric. Of course, we will be seeking clarifications from the government,” said Shashi Tharoor, who heads the panel on IT.
Randeep Singh Surjewala, in-charge, All India Congress Committee Communications, said the Centre needs to answer which agency purchased the software and what action it would take.