Share this page!

Niha Masih Profile picture
Twitter logo
Feb 11 10 tweets 4 min read
Thread on our latest #BhimaKoregaon investigation: @SentinelOne dug into phishing emails received by Rona Wilson to piece together how he was targeted. What they found was startling: Two distinct groups attacked him in the same time period. 1/n washingtonpost.com/world/2022/02/…
Wilson received dozens of emails — often from other activists he knew and sometimes disguised as news articles — that contained malware designed to infiltrate his computer. 2/n washingtonpost.com/world/2022/02/…
The primary group, that report calls ModifiedElephant, planted evidence on his laptop including the letter about plot to kill the PM. This group shared infrastructure with a known hacker, Hangover, that researchers have long suspected of state-sanctioned political espionage. 3/n
The second group that targeted Wilson was Sidewinder, that has been linked to widely documented cyberespionage campaigns against military targets in China and Pakistan, India’s top foreign adversaries. 4/n
“Two separate groups going after the same target suggests they were tasked with the job by the same entity,” said @juanandres_gs (co-author of the SentinelOne report). 5/n
The list of those targeted by ModifiedElephant goes beyond Wilson and others accused in the #BhimaKoregaon case. Dozens of other academics, lawyers, civil society members were sent malicious emails but it is not known how many were infected. 6/n
The report does not identify the people who carried out the attacks or the entity that ordered them but notes that ModifiedElephant’s activity sharply “aligns with Indian state interests.” 7/n
Our previous reporting confirmed that Wilson was hacked by Pegasus spyware as well. He has now spent more than three years in jail awaiting trial. 8/n
This means that a group of jailed govt critics were surveilled and targeted for years. The report offers new clues about connections between groups that cybersecurity experts have observed targeting foreign adversaries and domestic critics. 9/n
Link to the full report by @SentinelOne @juanandres_gs @TomHegel here: sentinelone.com/labs/modifiede… 10/n

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Niha Masih

Niha Masih Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @NihaMasih

Niha Masih Profile picture
Jul 18, 2021
BREAKING: Introducing the Pegasus Project: a collaborative investigation involving more than 80 journalists on 4 continents showing how powerful spyware licensed only to governments targeted journalists, activists and more. (1/n) washingtonpost.com/investigations…
The phones appeared on a list of over 50,000 numbers concentrated in countries known to engage in surveillance of their citizens and known to have been clients of the Israeli firm, NSO Group, a leader in the growing and largely unregulated private spyware industry. 2/n
Reporters were able to identify more than 1,000 people through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials. 3/n
Read 22 tweets
Niha Masih Profile picture
Jul 6, 2021
THREAD on malware attacks in Bhima Koregaon:
1/Lawyer Surendra Gadling was sent three emails with malware in Feb 2016 from email IDs of people he knew that were either compromised or forged. washingtonpost.com/world/2021/07/…
2/Through the malware, the attacker had access to Gadling's computer, including sites he browsed, emails he composed & documents he edited.
3/One such malware email received by Gadling is marked to two other defendants – Stan Swamy and Sudha Bharadwaj. If they clicked on the attachment, similar malware would have been deployed on their devices.
Read 14 tweets
Niha Masih Profile picture
Jul 22, 2020
1/Scathing report by the Forum for human rights in Kashmir, led by retd J. Madan Lokur.
On edu: Schools and colleges functioned
for barely 100 days between 2019 & 2020. After the pandemic, limiting networks to 2G has made it impossible for online classes to function adequately.
2/Political detentions: Less than a quarter of those detained under the PSA between August 2019 and March 2020 were released. The justifications provided for political detentions were flimsy in the extreme. #Article370
3/Detention of children: SC in its oral remarks on Dec 9, said petitioners should not be overly alarmed if children are detained for a few hours or a day coz in certain situations it is for their good. In law, illegal detentions remain illegal, whatever the quantum of time.
Read 7 tweets
Niha Masih Profile picture
Jul 19, 2020
Thread: For our latest piece, tried to get monthly death figures for 2019 and 2020 to spot any “excess” deaths. Began with Bombay, where a junior BMC officer obliged within hours. One phone call to a person I had spoken to once before. 1/
The figures for May showed a big spike.
May 2019: 6832
May 2020: 12,963 (Covid deaths 2269)
Later, I called the BMC chief for a comment. He took my call, gave me additional data and answered my questions. 2/
Next I tried Chennai. Data was shared almost immediately (except for June which wasn't an updated figure). 3/
Read 6 tweets
Niha Masih Profile picture
Jan 5, 2020
Tweet thread on a colony protest: At Defence Colony this morning where residents had planned a meeting on CAA, a dozen or so cops arrived in the park early to dissuade them. RWA president said disperse as "In this colony we don't like such type of things"
The gathered residents including some elderly ladies said they had simply come to talk amongst themselves. Police said you don't have permission. Residents asked what stopped people from coming into their own park to talk.
A female lawyer explaining the law was heckled by a gentleman who said "Don't talk about Assam. This is Delhi." She said "Assam is also a part of India." As the arguments got heated, some of the girls began to sing the national anthem. The gentleman contd to speak above that.
Read 7 tweets
Niha Masih Profile picture
Dec 27, 2019
Thread on UP: Photos of women in Lucknow beaten in police crackdown which spared "nothing and no one." Top official in the state said there was a process for public grievances& if anyone complained to the police, the law would be followed. #CAAProtests washingtonpost.com/world/asia_pac…
Watch: A video shot by a Lucknow resident on Dec. 19 after policemen went on a "rampage," a charge denied by the police. Nearly 10 homes in that neighbourhood reported vandalism. #CAA_NRC_Protests washingtonpost.com/world/asia_pac…
A prominent actor-activist went out to protest India's citizenship law in Lucknow. She never made it back.
Our report on how police in UP are targeting Muslims and activists in the state washingtonpost.com/world/asia_pac…
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Like this author's thread?

Get emails when @NihaMasih has new unrolls!

Check out other threads from @NihaMasih!

Read all threads by @NihaMasih

:(