At least nine Indian human rights activists, eight of whom have called for the release of eleven activists arrested in the Bhima Koregaon case, were targeted in a coordinated spyware campaign, according to research released by Amnesty International and University of Toronto-based Citizen Lab on June 15. The victims were sent emails with malicious links that, on being clicked, deployed NetWire, a commercially manufactured Windows spyware that gives remote access to the device, allowing the intruder to monitor the victims’ actions and communications. Three of the eleven activists targeted in this campaign — Nihalsing Rathod, Shalini Gera and Degree Prasad Chouhan — had earlier been targeted using the NSO Group-owned Pegasus spyware. Of the 121 Indians that were targeted using Pegasus spyware that was planted using the WhatsApp vulnerability, at least 22 were activists, lawyers and scholars, including Anand Teltumbde, and most of them had been involved in calling for the release of the Bhima Koregaon 11, with Teltumbde himself was arrested in the case. What was the modus operandi? Between January and October 2019, each of the victims was sent spear phishing emails with the malicious links. The emails sent were sent from email addresses that masqueraded those of other activists, spouses of close friends (with a misspelt name, not discernible in the first read), or with subject lines that meant to compel the human rights activists and lawyers to open the emails, such as “SUMMONS NOTICE JAGDALPUR ARSON CASE”, “Reminder Summons For Rioting Case”, etc. All malicious links…
