police around The world is increasingly using hacking tools to identify and track protesters, expose dissidents’ secrets, and turn activist computers and phones into unavoidable wiretapping bugs. Now, a new clue in a case in India has taken the appalling step further by using these tools to link law enforcement agencies with hacking campaigns. The same police plant a false allegation file on the target’s computer that was used as a basis for arrest and detention.
Forensic analysts more than a year ago It was discovered that an unidentified hacker had manipulated the evidence. The information, found on the computers of at least two activists arrested in Pune, India in 2018, is serving time in prison, along with 13 others on terrorism charges. Researchers at security firm Sentinel One and the nonprofits Citizen Lab and Amnesty International have linked the evidence manipulation to extensive hacking operations on hundreds of individuals over nearly a decade, using phishing emails to hack target computers into spyware and spyware. Infected with a smartphone hacking tool. Sold by Israeli hacking contractor NSO Group. But now, researchers at Sentinel One have uncovered a link between hackers and government agencies. It was the Indian police in the city of Pune who arrested several activists based on fabricated evidence.
“There is a verifiable link between those who arrested these people and those who planted the evidence,” said Juan Andres Guerrero-Saade, a security researcher at Sentinel One, who will present the findings with fellow researcher Tom Hegel. August Security Conference. “This is ethically beyond compromise. It goes beyond coldness. So we are trying to pass on as much data as possible to help these victims.”
Sentinel One’s new discovery linking Pune City Police with a long-running hacking campaign called the Modified Elephant centers around two specific goals of the campaign: Rona Wilson and Varvara Rao. The two are activists and human rights defenders who were imprisoned in 2018 as part of a group called Bhima Koregaon 16. The group is named after the town where violence between Hindus and Dalits broke out earlier that year. (Of the 16 defendants, 84-year-old Jesuit priest Stan Swamy contracted COVID-19 and died in prison last year. Rao, who was ill at the age of 81, was released on medical bail. Among the other 14, he was on bail. is only one.)
Earlier last year, Arsenal Consulting, a digital forensics firm representing the accused, along with another accused, human rights lawyer Surendra Gadling, analyzed the contents of Wilson’s laptop. Arsenal analysts found that evidence was apparently tampered with on both instruments. In Wilson’s case, malware known as NetWire added 32 files to a folder on his computer’s hard drive, which contained a letter that appeared to have conspired with a banned Maoist group to assassinate Indian Prime Minister Narendra Modi. In fact, the letter was created in a version of Microsoft Word that Wilson never used and never installed on his computer. Arsenal also discovered that Wilson had been hacked to install NetWire malware after opening an attachment sent from Varvara Rao’s email account. Arsenal chairman Mark Spencer said in a report sent to the Indian court that “this is one of the most serious falsification of evidence that Arsenal has suffered.”
Sentinel One was released last February. Detailed report on the deformed elephantBy analyzing the malware and server infrastructure used in the hacking campaign, we show that the two cases of evidence manipulation analyzed by Arsenal are part of a much larger pattern. However, in that report, Sentinel One failed to identify the individual or organization behind the Modified Elephant hacker, only stating that “the activities are highly aligned with the interests of the State of India.”
Police involved in hacking campaign to insult Indian activists
Source link Police involved in hacking campaign to insult Indian activists