Rona Wilson targeted in 10-year cyber espionage effort by two groups: report


New Delhi: A new report has revealed that activist Rona Wilson – jailed for what Pune Police and the NIA believe to be his links to the Elgar Parishad case – has been targeted by two groups who have launched cybercrime campaigns against him.

This report follows last year’s damning report from Massachusetts-based digital forensics firm Arsenal Consulting, which said a cyber attacker gained access to Wilson’s computer at least 22 months before his arrest. and that at least 10 incriminating letters had been placed. on her through this attack.

In July of this year, as part of the Pegasus project, Thread had reported that Wilson was one of the first targets – attacked as early as mid-2017 – of the highly intrusive Pegasus spyware. He was one of the first to be arrested in the Elgar Parishad case.

At the end of last year, Thread also reported based on findings from Arsenal Consulting that Wilson had been the victim of both surveillance and the delivery of incriminating material for almost a year before his arrest on June 6, 2018.

Arsenal Consulting, which was hired by Wilson’s defense attorneys to study electronic evidence presented against him in the Elgar Parishad case, said it found Pegasus indicators on the Windows volume of Wilson’s computer in two backups. iTunes from an iPhone 6S.

SentinelOne Results

Now the conclusions of American experts from the cybersecurity company SentinelOne, on which The Washington Post reportedclaim that Wilson was targeted in an effort that spanned nearly a decade – a much longer span of time than previously thought.

One of the two groups targeting Wilson, identified as SideWinder, is linked to “widely documented cyber-espionage campaigns against military targets in China and Pakistan, India’s principal foreign adversaries,” the newspaper noted. Its activities are known to be directed against government and military targets in Pakistan and China.

SentinelOne does not identify the second of Wilson’s attackers, but dubbed him “ModifiedElephant”. It notes that its activity “aligns with the interests of the Indian state”.

“Two separate groups pursuing the same target suggest that they were tasked with the task by the same entity,” said Juan Andres Guerrero-Saade, senior threat researcher and co-author of the SentinelOne report.

SentinelOne noted that the activist had received “dozens of emails”, many from activists he knew and which were sometimes disguised as news articles, which contained “malware designed to infiltrate his computer”.

“ModifiedElephant” shared web domains with a hacking group known as Hangover, which in turn attacked commercial businesses and national security interests in Europe, the United States and Pakistan.

Besides Wilson, 15 activists, academics and lawyers have been arrested by Pune police and the NIA in the Elgar Parishad case. The eldest of them, Father Stan Swamy, died in July this year.

Critics of the government have dismissed the NIA’s claims in the case, describing the investigation as a witch hunt against dissidents and rights activists.

Previous This new Fitbit does more than count steps. It may save your life one day.
Next Hidden features in your Windows PC or Mac can improve your tech life.