What’s in today’s article?
- Why in news?
- What is Organised Crime and Corruption Reporting Project (OCCRP)?
- What is Pegasus Spyware?
- What is zero-click exploit?
- News Summary
- What does the report say?
Why in news?
- The Washington Post and Amnesty International report claims that Pegasus spyware targeted journalists in India.
- This includes the founder editor of The Wire and the South Asia editor of the Organised Crime and Corruption Report Project (OCCRP).
- The intrusion was detected in October 2023 after Apple warned users, including MPs, of potential ‘state-sponsored attacks’ on their iPhones.
What is Organised Crime and Corruption Reporting Project (OCCRP)?
- About
- The Organized Crime and Corruption Reporting Project is a global network of investigative journalists with staff on six continents.
- Founded in 2006, it specializes in organized crime and corruption.
- It publishes its stories through local media and in English and Russian through its website.
- Recent works
- The entity was involved in the coverage of Pegasus spyware as well as Panama Papers leak.
- The OCCRP conducted research and published a report on the Adani Group (AG).
What is Pegasus Spyware?
- About
- Pegasus is a malware/spyware developed by Israel’s NSO Group.
- The spyware suite is designed to access any smartphone through zero-click vulnerabilities remotely.
- Once a phone is infiltrated, the spyware can access entire data on that particular phone.
- It also has real-time access to emails, texts, phone calls, as well as the camera and sound recording capabilities of the smartphone.
- Working of Pegasus Spyware
What is zero-click exploit?
- About
- A zero-click exploit refers to malicious installed on a device without the device owner’s consent.
- More importantly, it does not require the device owner to perform any actions to initiate or complete the installation.
- Specific exploit used in the present case involving Indian journalists
- The specific exploit allegedly in use on the two devices is called BLASTPAST (previously identified as BLASTPASS).
- It plays out in two phases.
- In the first, the attack attempts to establish a link with the Apple HomeKit – which gives users a way to control multiple smart devices – on the target’s device.
- The purpose of the first phase could be to determine how the device can be exploited or to keep it in sight for further exploitation in the future.
- In the second, some malicious content is sent via the iMessage app to the target.
- This phase is the one that delivers the full spyware payload.
News Summary
- A new forensic investigation by Amnesty International and The Washington Post has shown the use of the Israeli Pegasus spyware to surveil high-profile Indian journalists.
What does the report say?
- Background
- The journalists had received an alert from Apple that they were being targeted by state-sponsored hacking.
- Following which, these journalists provided their phones to Amnesty International’s Security Lab for testing.
- Report
- At the end of their examination, they reported finding traces of Pegasus’s activity on their respective devices.
- Security Lab concluded that a message to facilitate a zero-click exploit had been sent to these phones over his iPhone’s iMessage app.
Q1) What is Blastpass?
Blastpass is a zero-click exploit chain that can compromise iPhones running iOS 16.6 and iPads running iPadOS 16.6. The exploit involves sending malicious images to the victim’s iMessage account.
Q2) What is Amnesty International?
Amnesty International is an international non-governmental organisation focused on human rights, with its headquarters in the United Kingdom.
Source:
Last updated on June, 2025
→ UPSC Notification 2025 was released on 22nd January 2025.
→ UPSC Prelims Result 2025 is out now for the CSE held on 25 May 2025.
→ UPSC Prelims Question Paper 2025 and Unofficial Prelims Answer Key 2025 are available now.
→ UPSC Calendar 2026 is released on 15th May, 2025.
→ The UPSC Vacancy 2025 were released 1129, out of which 979 were for UPSC CSE and remaining 150 are for UPSC IFoS.
→ UPSC Mains 2025 will be conducted on 22nd August 2025.
→ UPSC Prelims 2026 will be conducted on 24th May, 2026 & UPSC Mains 2026 will be conducted on 21st August 2026.
→ The UPSC Selection Process is of 3 stages-Prelims, Mains and Interview.
→ UPSC Result 2024 is released with latest UPSC Marksheet 2024. Check Now!
→ UPSC Toppers List 2024 is released now. Shakti Dubey is UPSC AIR 1 2024 Topper.
→ Also check Best IAS Coaching in Delhi