According to reports, a “shadowy hacker group” known as Modified Elephant has been targeting people in India “for at least a decade,” sometimes using its digital powers to plant fabricated evidence of criminal activity on their devices.” That fake evidence, in turn, has frequently been used as a pretext for the victims’ arrest.”
They highlight a new study from cybersecurity firm Sentinel One that “illuminates how its digital dirty tricks have been used to spy and target “human rights activists, human rights defenders, professors, and attorneys” across India.
The most well-known Elephant case is Maoist leader Rona Wilson and a handful of his colleagues, detained by India’s security forces in 2018 and accused of planning to topple the government. On Wilson’s laptop, evidence for the alleged conspiracy was discovered, including a word document revealing intentions to murder the nation’s prime leader, Narendra Modi.
However, further forensic investigation of the device revealed that the papers were fraudulent and placed artificially using malware. Elephant put them there, according to Sentinel researchers.
The laptop mentioned above was investigated by a digital forensics firm, Boston-based Arsenal Consulting, which blew the case wide open when covered by the Washington Post. Arsenal eventually found that Wilson, his alleged co-conspirators and many other activists had been subjected to digital manipulation.
Elephant uses traditional hacking tactics to enter consumers’ PCs, according to the Sentinel One study. In addition, malicious documents containing commercially accessible remote access tools (RATs) — simple programmes available on the dark web that may takeover systems – are included in spam emails typically targeted to the victim’s interests.
Similar efforts against Baris Pehlivan, a Turkish journalist imprisoned for 19 months in 2016 after the Turkish government accused him of terrorism, are likely to have been carried out by a separate organisation. Digital forensics later revealed that the files used to back up Pehlivan’s claims, such as those on Wilson’s laptop, were intentionally planted.