The government knew about Pegasus, experts say, publish ministry websites as evidence
NEW DELHI: One day after the Center denied having information on spyware Pegasus, several cyber experts have presented online evidence that a computer emergency team working with the Union's Ministry of Information Technology knew of the vulnerability when it was first reported in May this year.
(IFF), an NGO, has posted an archive link to a web page of the Computer Emergency Response Team (CERT) of the ministry that shows a buffer overflow vulnerability in WhatsApp.
The severity rating of the vulnerability was rated as high. Details were published in a section called Vulnerability Notes, on the CERT website on May 17. The website was recently removed but its electronic traces remain online.
An online incident report mentioned NSO Group malware and it was up to CERT to further investigate the exploitation, as it indicated that the security and privacy of Indian users could have been compromised. WhatsApp is used by millions in India. There was clearly a lack of adequate investigation when dealing with the incident report, ”said IFF executive director Apar Gupta to TOI.
The CERT incident report contains a link that redirects to a web page (hackernews.com) that mentions Whatsapp has recently patched a serious vulnerability that attackers were exploiting to remotely install surveillance malware.
It names the spyware as Pegasus and says it’s “discovered, weaponized and sold by the Israeli company.”
Aditi Agarwal, senior associate researcher at Medianama, also noted on Twitter that the links on the archived CERT-In website mention the magic word NSO and Pegasus.
“So, can CERT claim some kind of ignorance? I would say not. Can you blame WhatsApp for not reporting? No. Not only because WhatsApp (did) informed the government and the proof is on the website now retired, ”he posted on Twitter on Saturday.
“Remember that @IndianCERT is a computer emergency response team. It's an emergency response team and they forgot about the emergency in May with #WhatsApp, wrote cyber expert Srinivas Kodali on Twitter.
A WhatsApp spokesman also reaffirmed on Friday that the company quickly resolved a security issue and notified the relevant Indian and international government authorities in May.
We agree with the government of India, it is essential that together we do everything possible to protect users from hackers trying to weaken security, said the spokesman.