Skip to main content

NSO has carried out 'unlawful' surveillance to target Amnesty staff members, HRDs


Counterview Desk
Following the exposure that Israeli spyware Pegasus, manufactured by NSO Group, has been used as a surveillance tool on smartphones used by about 1,500 human rights defenders (HRDs), journalists and activists, including in India, the top rights body, Amnesty International India, has appealed to those who have received a notification immediately to get in touch with Amnesty Tech at share@amnesty.tech for support.
An Amnesty release on November 2 said that the rights body could also be contacted “on Signal or WhatsApp at +44 7492 882216”, adding, “We would be keen to provide support to HRDs, who have been targeted, to ensure they take defensive security measures immediately, as well as to understand more about the attacks and investigate possible infections.”
Meanwhile, Amnesty has put out questions and answers for HRDs, activist, or journalist based in India to understand NSO Group’s spyware Pegasus especially the WhatsApp targeting.

Text:

Q: What do we know about the NSO Group and its ‘Pegasus’ Spyware?
A: ‘NSO Group’ is an Israeli spyware manufacturer that claims to sell its surveillance tools – the most well-known being its Pegasus spyware – exclusively to governments and government agencies ‘to combat terror and crime’.
Its products have been misused multiple times to conduct unlawful surveillance against human rights defenders. In the past, it has been used to target an Amnesty International staff member, HRDs, activists, and journalists from Saudi Arabia, UAE, Mexico, Morocco, and Rwanda.
Q: How does Pegasus work?
A: If infected by the Pegasus spyware, the user’s Smartphone is compromised. It can track keystrokes, take control of the phone’s camera and microphone, and access contact lists and encrypted messages.
Until now, Pegasus is known to be delivered through SMS messages carrying malicious links and through exploiting a zero-day vulnerability on WhatsApp. In the latter, intrusive spyware could be delivered on to the target’s mobile device without the targeted person having to click on a malicious link. The targeted person would simply see a missed call on WhatsApp.
In addition to this, Amnesty International has also found evidence of network injection attacks that could also be attributed to NSO Group. Network injection attacks are generally called “man-in-the-middle” attacks. Through this, an attacker with access to a target’s mobile network connection can monitor and opportunistically hijack web traffic and silently re-route the web browser to malicious exploit pages.
Q: How did the targeting via WhatsApp work?
A: NSO Group exploited a security vulnerability in WhatsApp until May 2019. In order to exploit this, the digital attack initiated WhatsApp calls to the target’s device. Attackers may have tried to exploit this issue by making calls multiple times during the night when the target was likely to be asleep and not notice these calls. Successful infection of the target’s device may result in the app crashing. There is a possibility that the attacker may also remotely erase evidence of these calls from the device’s call logs. Evidence of failed attacks may appear as missed calls from unknown numbers in your WhatsApp call log.
Q: If I didn’t receive a notification from WhatsApp, does this mean I wasn’t targeted by NSO Group’s tools?
A: NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. This means that only select individuals would have been targeted. However, if you are a high risk user, i.e., an activist, journalist, or HRD involved in politically sensitive activism, you cannot presume that you have not been targeted simply because you haven’t received a notification from WhatsApp.
The attack was delivered by exploiting a vulnerability in WhatsApp. However, NSO Pegasus infections can also be delivered through other means. Based on information revealed by our own investigations, an Amnesty International staffer was targeted using SMS messages. One HRD in Morocco was targeted both before and after the attacks using the WhatsApp exploit, but not with the WhatsApp exploit itself. Both of them were targeted using SMS messages containing malicious links and network injection attacks that could also be attributed to NSO Group’s tools. This indicates that NSO Group has the documented capability to deliver infections through means other than WhatsApp.
Q: If WhatsApp was targeted, can’t I just switch to another encrypted platform?
A: No. A vulnerability in the WhatsApp software was exploited to deliver the spyware. All complex software can have these types of vulnerabilities. This vulnerability was not a flaw in WhatsApp’s end-to-end encryption protocol.
This also does not mean that only the Whatsapp data of the target was compromised. If the attack attempt was successful, the spyware would gain full access to the device. Any other data on the device including encrypted platforms such as Signal or Telegram could then also have been accessed.
Q: Can Pegasus plant data into my devices?
A: Based on publicly available information, planting data is not a feature of NSO Group’s Pegasus spyware.
Q: What steps can I take to protect myself?
A: None of the security best practices offer complete and foolproof protection. However, it is a good practice to install the latest software updates of operating systems and encrypted messaging applications on your mobile device.
Pegasus remains a relatively uncommon threat and standard digital hygiene steps are still important. Keep your devices software up-to-date. Use a unique password for each service that you use and store these passwords in a secure password manager. Enable two-factor authentication on all accounts where it is available.

Comments

TRENDING

How community leaders overcome obstacles to protect forests and pastures in remote villages

By Bharat Dogra  Dheera Ram Kapaya grew up in such poverty that, unable to attend school himself, he would carry another boy’s heavy school bag for five kilometers just to get a scoop of daliya (porridge). When he was finally able to attend school, he had to leave after class five to join other adolescent workers. However, as soon as opportunities arose, he involved himself in community efforts—promoting forest protection, adult literacy, and other constructive initiatives. His hidden talent for writing emerged during this time, and he became known for the songs and street play scripts he created to promote forest conservation, discourage child marriages, and support other social reforms.

Workers' groups condemn Gujarat Ordinance increasing working hours, warn of statewide agitation

By A Representative   At a consultation organised today by the Asangathit Shramik Hit Rakshak Manch at Circuit House in Ahmedabad, leaders of major trade unions and labour rights organisations strongly opposed the Gujarat government’s recent ordinance amending the Factories Act and the draft rules notified under the Occupational Health and Safety (OHS) Code, 2020. Around 50 representatives from central trade unions, independent unions, and labour welfare organisations participated in the meeting.

Deaths in Chhattisgarh are not just numbers – they mark a deeper democratic crisis

By Sunil Kumar  For a while, I had withdrawn into a quieter life, seeking solace in nature. But the rising tide of state-sponsored violence and recurring conflict across India has compelled deeper reflection. The recent incidents of killings in central India—particularly in Chhattisgarh—are not isolated acts. They point to a larger and ongoing crisis that concerns the health of democracy and the treatment of marginalised communities.

'Bengali Muslim migrant workers face crackdown in Gurgaon': Academic raises alarm

By A Representative   Political analyst and retired Delhi University professor Shamsul Islam has raised serious concerns over the ongoing targeting and detention of Muslim migrant workers from West Bengal in Gurgaon, Haryana. In a public statement, Islam described the situation as "brutal repression" and accused law enforcement agencies of detaining migrants arbitrarily under the pretext of verifying their citizenship.

Gender violence defies stringent laws: The need for robust social capital

By Dr. Manoj Kumar Mishra*  The tragic death of Miss Soumyashree Bisi, a 20-year-old student from Fakir Mohan College, Balasore, who reportedly self-immolated due to harassment, shocked the conscience of Odisha. Even before the public could process this horrifying event, another harrowing case emerged—a 15-year-old girl from Balanga, Puri, was allegedly set ablaze by miscreants. These incidents are not isolated; they highlight a disturbing pattern of rising gender-based violence across the state and the country.

The GMO illusion: Three decades of hype, harm, and false hope

By Sridhar Radhakrishnan  Three decades of hype, billions of dollars spent, and still no miracle crop. It's time to abandon the GMO biotech fairy tale and return to the soil, the seed, and the farmer. “Trust us,” they said. “GMOs will feed the world.” Picture a world where there is plenty of food, no hunger, fields grow without chemical pesticides, children are saved from malnutrition, and people live healthily.

The myth of population decline: India’s real challenge is density, not fertility

By N.S. Venkataraman*   India’s population in 2025 stands at approximately 1.4 billion. In 1950, it was 359 million, rising sharply to 1.05 billion by 2000. The population continues to grow and is projected to reach around 1.7 billion by 2050.

How natural and organic farming can be a key to combating the climate crisis

By Raj Kumar Sinha*  On July 9, while addressing the “Sahkar Samvad” in Ahmedabad with women and workers associated with cooperatives from Gujarat, Madhya Pradesh, and Rajasthan, Union Home Minister Amit Shah emphasized that natural farming is essential for both our health and the health of the soil. This is a significant statement in the context of addressing the climate change crisis. Natural farming can play a crucial role in combating climate change. Also known as organic farming, it is a system of agriculture that can increase food production without harming the environment. Natural farming has the potential to reduce carbon emissions by 35% to 50%.

Indigenous Karen activist calls for global solidarity amid continued struggles in Burma

By A Representative   At the International Festival for People’s Rights and Struggles (IFPRS), Naw Paw Pree, an Indigenous Karen activist from the Karen Human Rights Group (KHRG), shared her experiences of oppression, resilience, and hope. Organized with the support of the International Indigenous Peoples Movement for Self-Determination and Liberation (IPMSDL), the event brought together Indigenous and marginalized communities from across the globe, offering a rare safe space for shared learning, solidarity, and expression.