For 10 years, a group of hackers framed people for crimes they didn’t commit.
The revelations come from cybersecurity firm Sentinel One. Concretely, according to her, a group of pirates would have led to the unjustified arrest of several well-known people.
Called ModifiedElephant, the group has been operating since at least 2012.
Codename: Hackers ModifiedElephant
Cybersecurity firm Sentinel One has revealed that a group of hackers is attacking several people in India. The ModifiedElephant group has been active for over ten years.
Clearly, the hackers used multiple tools to plant (fake) evidence on individuals’ computers, which led to their arrest. At first, the group of cybercriminals carried out “surveillance” of the targets to then introduce files into their computer and incriminate them in specific crimes.
“ModifiedElephant is responsible for targeted attacks against human rights activists, human rights defenders, academics and lawyers across India, in an attempt to plant incriminating digital evidence”, explains the report.
An unsophisticated technique
Sentinel One describes the techniques used by the band as unsophisticated and downright mundane.” Moreover, NetWire and DarkComet, the two tools most used by the group of hackers, are both freely available on the Dark Web. Both tools reach the victim through a targeted phishing attack technique via malicious documents.
Specifically, ModifiedElephant operates using commercially available Remote Access Trojans (RATs). Once installed in a targeted computer, a RAT is a program that allows remote administration functions to be performed.
The example of Rona Wilson
“ModifiedElephant’s goal is long-term surveillance that sometimes ends with the handing over of ‘evidence’ – files that incriminate the target in specific crimes – before conveniently coordinated arrests”illustrates the report.
Notable targets include those associated with the Bhima Koregaon case. For example, one of the victims is Rona Wilson. She is an Indian activist and critic of Narendra Modi’s administration. The activist was arrested on suspicion of treason.
Put simply, the hackers placed files on Rona Wilson’s computer to make it look like she was planning to overthrow the government. One of these files contained a detailed plan for the assassination of Prime Minister Narendra Modi.