A team of US-based security researchers has revealed links between hackers and the Pune Police in relation to the Bhima Koregaon case.
This information reveals the direct involvement of the government in the case. Pune police are involved in the email hacking of Rona Wilson and Varavara Rao, both activists arrested in the case. It also reveals the email hacking of Delhi University professor Hany Babu.
In the past few years, the evidence collected from the individuals has been questionable. Many digital investigators questioned how the police got access to that information. One of the digital forensics investigators even stated that the evidence was planted by hackers on the devices of the accused.
SentinelOne on the involvement of Pune Police
Juan Andres Guerrero-Saade, a security researcher at SentinelOne, said, “There’s a provable connection between the individuals who arrested these folks and the individuals who planted the evidence.” SentinelOne is a cybersecurity software company based in the US.
The organization also stated that this is not a mistake but is “beyond ethically compromised.” They confirmed that they will put forward as much information as they can on the matter.
According to reports, the first attack on Wilson happened in 2012. It came through 100 phishing emails that were sourced through Wilson’s defense lawyer. The attacks intensified over 2014 and peaked in 2016.
SentinelOne reveals that the Pune Police were involved in this hacking campaign for a long time. The researchers call it ‘ModifiedElephant’.
The Anonymous Helper
An email service provider, which has chosen to remain unnamed, has provided the links between the hackings and the Indian law enforcement body.
According to the information revealed by the service provider, the hackers had added recovery email addresses to the email accounts of the three accused as a backup. This would help the hackers regain control if the passwords to the accounts were changed. These recovery addresses were added back in 2018 and 2019.
According to the Wire Magazine, the recovery email addresses contained the name of a police officer from the Bhima Koregaon case. To quote, it “included the full name of a police official in Pune who was closely involved in the Bhima Koregaon 16 case”.
The security analyst of the email service provider had a bold reason behind revealing such sensitive information. She/He told The Wire, “We generally don’t tell people who targeted them, but I’m kind of tired of watching shit burn.” She/He added, “These guys are not going after terrorists. They’re going after human rights defenders and journalists. And it’s not right.”
Collaboration with other cyber security firms
Firms like Internet Watchdog and Citizen Lab collaborated with SentinelOne researchers to confirm that the recovery email address and phone number belonged to one of the officers. The match was found by a researcher named Zeshan Aziz, who found the phone number in the leaked database of Truecaller.
The report also stated that “Scott-Railton [of Citizen Lab] further found that the WhatsApp profile photo for the recovery phone number added to the hacked accounts displays a selfie photo of the police official.”
In Wilson’s case, it is reported that the account was compromised by hackers in 2018. The hacking was executed through one of the phishing emails mentioned before. At the same time, the police officer’s email id and phone number were added as the recovery email address and phone number.
It is also important to note that recovery is possible only through verification via the phone number or email. This proves the Pune police already had control of the devices of the accused individuals even before the hacking.