Security News > 2022 > February > This malware gang plants incriminating evidence on PCs, gets victims arrested

"The objective of ModifiedElephant is long-term surveillance that at times concludes with the delivery of 'evidence' - files that incriminate the target in specific crimes - prior to conveniently coordinated arrests," said Tom Hegel, threat researcher at SentinelOne, in a blog post.

ModifiedElephant prefers phishing with malicious Microsoft Office attachments to attack targets, and infect them with Windows malware.

Activist Rona Wilson is said to have been one of those targeted by ModifiedElephant.

A year ago, Arsenal Consulting, a US-based digital forensics firm, reported that the evidence against Wilson had been planted.

"The attacker responsible for compromising Mr. Wilson's computer had extensive resources and it is obvious that their primary goals were surveillance and incriminating document delivery."

"We observe that ModifiedElephant activity aligns sharply with Indian state interests and that there is an observable correlation between ModifiedElephant attacks and the arrests of individuals in controversial, politically-charged cases," wrote Hegel.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/02/10/modifiedelephant_evidence_malware/