---
layout: default
title: "DEEPDIVE: I SPY"
description: "A Mumbai Mirror investigation into the WhatsApp-Pegasus cyber intrusion affecting 1,400 users across 20 countries, featuring expert commentary from Sunil Abraham on government surveillance contracts and the urgent need for surveillance reform and data protection legislation in India."
categories: [Media mentions]
date: 2019-11-02
source: "Mumbai Mirror"
authors: ["David Delima"]
permalink: /media/deepdive-i-spy-whatsapp-pegasus-mumbai-mirror/
created: 2025-12-21
---

**DEEPDIVE: I SPY** is an investigative feature by David Delima published by *Mumbai Mirror* on 2 November 2019. The article examines one of the biggest cyber surveillance scandals to hit India, deconstructing the WhatsApp-Pegasus intrusion that affected 1,400 users across 20 countries, including at least 20 Indians, with expert analysis from Sunil Abraham on government involvement in contracting legal hacking solutions and the critical need for surveillance reform.

## Contents

1. [Article Details](#article-details)  
2. [Full Text](#full-text)  
3. [Context and Background](#context-and-background)  
4. [External Link](#external-link)

## Article Details

<dl class="media-details">
  <dt>📰 Published in:</dt>
  <dd>Mumbai Mirror</dd>

  <dt>✍️ Author:</dt>
  <dd>David Delima</dd>

  <dt>📅 Date:</dt>
  <dd>2 November 2019</dd>

  <dt>📄 Type:</dt>
  <dd>Investigative feature / Deep dive</dd>

  <dt>📰 Newspaper Link:</dt>
  <dd>
    <a class="btn" href="https://mumbaimirror.indiatimes.com/mumbai/other/deepdive-i-spy/articleshow/71859870.html">Read Online</a>
  </dd>
</dl>

## Full Text

<div class="highlighted-text" id="fulltext">

<p><strong>█ DEEPDIVE</strong></p>

<p><strong><u>Issue: WhatsApp Cyber Intrusion</u></strong></p>

<p><strong>1,400 affected in 20 countries</strong></p>

<p><em>As one of the biggest cyber snoopgates to hit India unravels, we deconstruct some myths and fears surrounding the dark horse of cyber intrusion that is sure to have far-reaching consequences on our idea of privacy</em></p>

<hr class="section-separator">

<h3>How many spied on?</h3>

<p>1,400 across 20 countries. At least 20 Indians (* Number yet to be verified)</p>

<h3>When?</h3>

<p>Between April 29 and May 10</p>

<h3>Who were targeted?</h3>

<p>High-ranking government and military officials, opposition leaders, lawyers, activists</p>

<h3>Pegasus 2.0 – The dark horse</h3>

<p>Earlier, the virus was sent via an SMS or a WhatsApp message as a link. Clicking on the link immediately infected the user's device. The updated version of Pegasus, however, is even more powerful – a missed call is enough for the malicious code to get into your phone.</p>

<h3>Can you uninstall it?</h3>

<p>There is no known way to uninstall Pegasus. Even a factory reset won't help, according to reports. But now that WhatsApp has patched the security issue, buying a new device and changing all your passwords may be the only way to get rid of it.</p>

<hr class="section-separator">

<blockquote class="pullquote">
<p>NSO is a private player using capabilities that Israelis have. There is no Israeli govt involvement here, everyone knows this is not about the state of Israel</p>
<footer>— Zeev Elkin, Israeli security cabinet minister</footer>
</blockquote>

<hr class="section-separator">

<h3>Why is this important, especially for WhatsApp chats?</h3>

<p>WhatsApp chats are touted to be protected by the strongest encryption methods known today. This means that any message shared between two users is heavily protected while it travels from one phone to another and no third party can view the encoded messages, not even WhatsApp.</p>

<p>Pegasus, however, once installed on the user's phone, renders this protection completely useless as once the messages are decoded and stored on the user's phone, the malware can upload the conversations and attachments to the monitoring server silently in the background.</p>

<h3>What has been done so far?</h3>

<p>International firms and their misdeeds are a little difficult to rectify due to global norms. On its part though, WhatsApp has filed a lawsuit against NSO Group in a California federal court alleging that the company violated its terms of service and "developed their malware in order to access messages and other communications after they were decrypted on target devices".</p>

<p>NSO has disputed the allegations stating that they will 'vigorously fight them.'</p>

<h3>What is India's stand?</h3>

<p>This one is a little difficult to explain. NSO says they sell their software exclusively to authorised government agencies. And even though the Indian government has outright denied its involvement, the fact remains that the software has reportedly been used to target journalists and civil activists that have dared to take on the government and/or question its policies. Several of the targeted users who have come forward to report the hack are associated with the ongoing Bhima Koregaon case.</p>

<p>Instead, pointing the gun back at the messaging giant, the Information and Technology ministry has sought a detailed response from WhatsApp by November 4.</p>

<h3>Why disclose now?</h3>

<p>Questions are being raised on whether the disclosure was a rearguard action by WhatsApp to prevent the government from bringing measures on traceability and accountability. Recently, the Centre sought three months' time from the Supreme Court to formulate rules to curb misuse of social media in the country. Earlier too the messaging giant has faced flak from the Indian government for being misused for spreading misinformation that led to incidents of mob lynching.</p>

<hr class="section-separator">

<blockquote class="pullquote">
<p>Our highest priority is the privacy and security of WhatsApp users. We agree with the government of India it's critical that together we do all we can to protect users from hackers attempting to weaken security.</p>
<footer>— WhatsApp spokesperson</footer>
</blockquote>

<hr class="section-separator">

<h3>Should you be concerned?</h3>

<p>If you haven't received a message from WhatsApp informing you of the hack, then no.</p>

<p>As the software has been developed to target individual users to glean important information, it is unlikely that the average user will be targeted. WhatsApp has also since patched the security hole that enabled the hacks.</p>

<p>If you have reason to suspect you were targeted, you must contact Citizen Lab or another cybersecurity agency, and avoid using your device for any sensitive communication.</p>

<h3>Was I affected?</h3>

<p>Since the latest versions of spyware like Pegasus are designed to leave no trail on a device, it is almost impossible to detect them. The only way one would know is through an official notification from the developer.</p>

<h3>What to do if you have been infected</h3>

<p>If you suspect you have been infected, you should immediately change all your passwords including emails, cloud-storage accounts among others. As the spyware records every detail including login IDs and passwords, merely changing your device wont suffice.</p>

<hr class="section-separator">

<blockquote class="pullquote">
<p>If the BJP has engaged Israeli agencies to snoop into phones of journalists, lawyers, activists and politicians, it is a gross violation of rights and a scandal with grave ramifications on national security</p>
<footer>— Priyanka Gandhi, Congress</footer>
</blockquote>

<hr class="section-separator">

<h3>How to stay virus-free</h3>

<ul>
<li>Always pause before you click on a link even if sent by a friend.</li>
<li>If you receive a link from an unknown sender, ask yourself if you were expecting such a message</li>
<li>Use strong passwords</li>
<li>Keep all your apps updated</li>
<li>Avoid apps with dubious reputations or those developed by firms that don't share information about themselves</li>
</ul>

<h3>A FEW GOOD APPS</h3>

<p>Not all applications are out to get you, there are some that you can use to protect yourself.</p>

<ul>
<li>For Android phones, Lens Cap allows you to turn off your device's camera for any or all apps. You can even add a shortcut to your phone's home screen to enable and disable your camera with a single tap.</li>
<li>For iPhones, go to Settings, choose Screen Time, tap Content and Privacy Restrictions, then choose Allowed Apps and slide the Camera option to the off position. Now, your iPhone camera will remain disabled for any app, until you enable it again.</li>
<li>And when in doubt, simply follow the IT mantra - turn off your device and/or leave it in another room if you feel the conversation you are about to have is sensitive.</li>
</ul>

<h3>Expert speak</h3>

<p><strong>► This clearly means that some entities within the Indian govt are, in all likelihood, contracting providers of legal hacking solutions</strong> – Sunil Abraham, Director, CIS</p>

<p><strong>► This shows just how important it is to have surveillance reform which includes tabling of the Data Protection Bill in parliament, and that evidence through such means is not admissible in any court</strong> – Vrinda Bhandari, Supreme Court advocate</p>

</div>

<button class="copy-btn-full" data-copytarget="#fulltext">Copy Full Text</button>

{% include back-to-top.html %}

## Context and Background

The feature appeared in November 2019 following WhatsApp's disclosure that Israeli surveillance firm NSO Group had exploited a vulnerability in its calling feature to install Pegasus spyware on approximately 1,400 devices across 20 countries. The attack represented a watershed moment for digital privacy in India, revealing sophisticated state-level surveillance capabilities deployed against civil society activists, journalists and lawyers.

Unlike earlier Pegasus attacks requiring user interaction with malicious links, the 2019 variant employed "zero-click" exploitation through missed WhatsApp calls, rendering even cautious users vulnerable. The malware's ability to bypass end-to-end encryption by capturing data after decryption on the target device exposed fundamental limitations in securing communications against state-sponsored surveillance.

Sunil Abraham's assessment that "entities within the Indian govt are, in all likelihood, contracting providers of legal hacking solutions" challenged official denials while acknowledging the reality of government procurement of commercial spyware. His call for surveillance reform and data protection legislation reflected concern that India lacked legal frameworks to authorize, constrain or provide oversight for such capabilities. The parallel demand from Supreme Court advocate Vrinda Bhandari that evidence obtained through such means be inadmissible addressed the constitutional implications of secret surveillance targeting those engaged in lawful dissent.

The scandal intersected with ongoing tensions between the Indian government and WhatsApp over traceability requirements that would undermine end-to-end encryption. Several targeted individuals were associated with the Bhima Koregaon case, where activists and lawyers were arrested on terrorism charges that rights groups characterized as politically motivated. The timing of WhatsApp's disclosure raised questions about whether the company was pre-empting government pressure by publicly demonstrating the risks of weakening encryption safeguards.

The article's practical security advice acknowledged the limitations of technical defenses against state-level adversaries. Recommendations to replace infected devices rather than attempt cleanup reflected the sophistication of modern spyware, while suggestions to physically isolate devices during sensitive conversations implicitly accepted that software-only protection was insufficient against well-resourced attackers.

## External Link

- <a href="https://mumbaimirror.indiatimes.com/mumbai/other/deepdive-i-spy/articleshow/71859870.html">Read on Mumbai Mirror</a>

<style>
.media-details {
  background: #f9fbfe;
  border: 1px solid #d8e2f0;
  border-radius: 10px;
  padding: 1.2rem 1.4rem;
  max-width: 700px;
  margin: 1.2rem auto;
  font-size: 0.96rem;
  line-height: 1.5;
  color: #333;
  box-shadow: 0 2px 4px rgba(0,0,0,0.04);
}
.media-details dt { font-weight: 600; color: #1b2a49; margin-top: 0.7rem; }
.media-details dd { margin: 0 0 0.3rem 0.3rem; color: #555; }
.highlighted-text {
  background-color: #fffbea;
  border-left: 4px solid #f2ce61;
  padding: 1rem 1.2rem;
  border-radius: 8px;
  line-height: 1.65;
  color: #333;
  margin-bottom: 0.8rem;
}
.highlighted-text p { margin-bottom: 1rem; }
.highlighted-text h3 { 
  font-size: 1.15rem; 
  font-weight: 600; 
  margin-top: 1.3rem; 
  margin-bottom: 0.6rem;
  color: #1a1a1a;
}
.highlighted-text ul {
  margin: 0.8rem 0 1rem 1.5rem;
  padding: 0;
}
.highlighted-text ul li {
  margin-bottom: 0.5rem;
  line-height: 1.6;
}
.section-separator {
  border: none;
  border-top: 1px solid rgba(0,0,0,0.1);
  margin: 1.2rem 0;
}
.pullquote {
  background: #f5f5f5;
  border-left: 4px solid #666;
  padding: 1rem 1.2rem;
  margin: 1.2rem 0;
  font-style: italic;
}
.pullquote p {
  margin: 0 0 0.5rem 0;
  font-size: 1rem;
  line-height: 1.5;
}
.pullquote footer {
  font-style: normal;
  font-size: 0.9rem;
  color: #666;
  margin-top: 0.5rem;
}
.copy-btn-full {
  display: inline-block;
  background: #f1f1f1;
  border: 1px solid #ccc;
  font-size: 0.85rem;
  padding: 0.4rem 0.8rem;
  border-radius: 6px;
  cursor: pointer;
  transition: background 0.2s ease;
  margin-bottom: 1.5rem;
}
.copy-btn-full:hover { background: #e5e5e5; }
.copy-btn-full:focus { outline: 3px solid #ffbf47; outline-offset: 2px; }
</style>

<script>
document.addEventListener('DOMContentLoaded', () => {
  document.querySelectorAll('.copy-btn-full').forEach(btn => {
    btn.addEventListener('click', async () => {
      const target = document.querySelector(btn.getAttribute('data-copytarget'));
      if (!target) return;
      try {
        await navigator.clipboard.writeText(target.innerText.trim());
        const original = btn.textContent;
        btn.textContent = 'Copied!';
        setTimeout(() => (btn.textContent = original), 1500);
      } catch (e) {
        btn.textContent = 'Copy failed';
        setTimeout(() => (btn.textContent = 'Copy Full Text'), 1500);
      }
    });
    btn.addEventListener('keydown', (ev) => {
      if (ev.key === 'Enter' || ev.key === ' ') {
        ev.preventDefault();
        btn.click();
      }
    });
  });
});
</script>