Pegasus Spyware Used Against Friends & Kin of Bhima Koregaon Accused: Report

Many numbers showed up in the leaked data even months after the persons were arrested and their phones were seized.

The Quint
India
Updated:
<div class="paragraphs"><p>Pegasus Spyware used for friends and families of Bhima Koregaon accused: Report</p></div>
i

Pegasus Spyware used for friends and families of Bhima Koregaon accused: Report

(Image: Mekhala Saran/The Quint)

advertisement

In the developing story of the Pegasus spyware, new names from the list of people under possible surveillance have come to the fore in connection with the Elgar Parishad case, which suggests a much wider use of the Israel-made software. The spyware is used for unrestricted 'surveillance' through a person's phone.

As per a report by The Wire on Sunday, 18 July, Pegasus was used to snoop on at least 300 Indian phone numbers, including those of over 40 senior journalists, opposition leaders, government officials, and rights activists.

Pegasus, a product of Israeli cyberweapons company NSO Group, was earlier in the news in late 2019 when it was found that spies used the spyware to hack into phones of roughly 1,400 users around the world, including 121 Indians.

Even then, names of the victims of surveillance had included Bhima Koregaon lawyer Nihal Singh Rathod, Elgar Parishad accused Anand Teltumbde, Bastar-based human rights lawyer Bela Bhatia, jailed activist Sudha Bharadwaj's lawyer Shalini Gera, and Gadchiroli-based lawyer Jagdish Meshram, among others.

Now, as per the leaked list of names provided to The Wire and 15 other international news organisations by France-based media non-profit, Forbidden Stories and Amnesty International, as part of a collaborative investigation called the 'Pegasus Project', names of Hany Babu Musaliyarveettil Tharayil, his wife Jenny Rowena, Vernon Gonsalves, Anand Teltumbde, Sudha Bharadwaj, Gautam Navlakha, retired professor Shoma Sen, and lawyer Arun Ferreira, have surfaced.

Moreover, at least nine numbers belonged to some eight activists, lawyers, and academics arrested between June 2018 and October 2020 for their alleged role in the Elgar Parishad case, a review of the leaked database by The Wire and partner news organisations showed.

WHEN DID THE SURVEILLANCE BEGIN?

Hany Babu, who is an associate professor from Delhi University, had gone to Kollam in Kerala with his family in mid-2017. Hany Babu and his wife Jenny Rowena had met their old friend from Delhi, Rona Wilson, who is a native of Kollam and a prisoners’ rights activist.

It was then, during their vacation, that Hany Babu and Wilson’s phone numbers were added to the list of phone numbers which included some selected for surveillance by a client of Israel’s NSO Group.

  • Wilson was named “prime accused” a year later in the Elgar Parishad case and arrested on 6 June, 2018.

  • Hany Babu was later interrogated about this trip by the National Investigation agency (NIA) for over a week before his arrest on 28 July, 2020.

Just the presence of a phone number in the leaked data does not reveal whether a device was infected.

Currently in judicial custody, Wilson and Hany Babu’s phones are with the investigating agency.

SOME BACKGROUND

The Bhima Koregaon case refers to violence that erupted in the vicinity of a war memorial in the village of that name on 1 January 2018. This was, the NIA claims, after provocative speeches were made during the Elgar Parishad conclave held a day earlier at Shaniwarwada in Pune.

Sixteen activists, lawyers and academics from across India have been arrested in the case since 2018.

Among them, was the 84-year-old Jharkhand-based tribal rights activist and Jesuit priest, Father Stan Swamy, who was arrested in October last year, and died on 5 July, awaiting bail on medical grounds.

THE SURVEILLANCE NET

Around a dozen more numbers belonging to close relatives, friends, lawyers and colleagues of those arrested also appear to have been of interest, though it is unclear if the attacker gained access to their phones.

The Wire verified the numbers and identities of those using them and stated that most of them were interrogated by Maharashtra’s Pune police and by the NIA in the last three years.

The leaked records also include the numbers of:

  • Telugu poet Varavara Rao’s daughter Pavana

  • Lawyer Surendra Gadling’s wife Minal Gadling

  • Gadling's associate lawyers Nihalsingh Rathod and Jagadish Meshram

  • Bharadwaj’s lawyer Shalini Gera

  • Teltumbde’s friend Jaison Cooper, a Kerala-based rights activist

  • Bastar-based lawyer Bela Bhatia

  • Cultural rights and anti-caste activist Sagar Gorkhe’s partner Rupali Jadhav

  • Tribal rights activist Mahesh Raut’s lawyer Lalsu Nagoti.

Five family members of one of the Elgar Parishad accused are also there in the list.

ADVERTISEMENT
ADVERTISEMENT

PHONE NUMBERS APPEARED EVEN AFTER SEIZURE

Though most numbers were added mid-2018, in some cases, the phones were chosen as targets. For Varavara Rao’s daughter, Pavana, her phone first appeared in the record around the time the 84-year-old Telugu poet and writer was placed under house arrest, The Wire reported.

Rao was released on conditional bail in February this year due to his deteriorated health, after spending close to 27 months in prison.

For Bharadwaj, Gonsalves, Sen, and Ferreira, as per the data, their phone numbers continued to show up in the leaked data even months after they were arrested and their phones were seized.

Though Bharadwaj was sent to jail on 26 October, 2018, her number appeared in the leaked data even after being arrested.

Her phone was in the custody of the Pune police at this time, which raises further questions on digital evidence tampering.

Representing several persons arrested in the case, senior lawyer Mihir Desai, said that this attack can’t be looked at as “simple surveillance. It goes beyond surveillance, it is actually interference with the person’s life. The malware is planted to get control over the person’s data and life,” The Wire reported.

The France-based media non-profit, Forbidden Stories, and Amnesty International’s Security Lab had access to these records, which they shared with The Wire and 15 other news organisations worldwide as part of a collaborative investigation and reporting project.

EVIDENCE WAS 'PLANTED': ARSENAL CONSULTING

Just a day after the death of activist Father Stan Swamy, a report by an American forensic agency claimed that evidence was 'planted' on the computer of Surendra Gadling, also arrested in the case.

The malware that targeted Gadling's computer via emails also had several other Bhima-Koregaon accused, including Swamy and Sudha Bhardwaj copied on the mails, the forensic agency has claimed.

The report comes just months after similar claims were made for another arrested activist Rona Wilson, who is also believed to be a victim of the same hackers who targeted Gadling.

The report, dated June 2021, was published by Arsenal Consulting based in Boston, and as per the report, Gadling's computer had been targeted for over two years via emails, on which several accused including Stan Swamy were also copied, NDTV reported.

NetWire, a commercially available form of malware, was reportedly used to target Gadling's computer.

WHAT HAPPENED IN 2019?

Two years back, WhatsApp had informed several Dalit rights lawyers and activists of the spyware attack that had targeted them in May 2019, the activists had told The Quint.

In October 2019, WhatsApp had said it was suing NSO Group in what it called was a 'cyber attack'.

Responding to allegations by WhatsApp, the Israeli company had said that 'there is no dispute as the alleged use of Pegasus to message 1,400 foreign WhatsApp users in April and May 2019 was done by sovereign governments in foreign countries'.

Answering questions in the Lok Sabha, Electronics & IT Minister Ravi Shankar Prasad on 28 November 2019 had replied with a double negative, saying that there had been 'no unauthorised interception' of citizens' phones by the government.

Now, the NSO group has clarified, that the technology is sold solely to law enforcement and intelligence agencies of vetted governments.

After the story broke last night, the government reiterated that the Minister of Electronics and IT had said that there has been 'no unauthorised interception by government agencies', without mentioning the use of Pegasus.

(With inputs from The Wire)

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: 19 Jul 2021,12:28 PM IST

ADVERTISEMENT
SCROLL FOR NEXT