America’s Wired magazine has alleged links between Pune police and hackers who it says planted fabricated evidence on some of the accused in the Elgaar Parishad-Maoist links case, which witnessed the arrest of 16 activists, writers, academics and lawyers.
Earlier, two digital security firms in the US had revealed the planting of electronic evidence — claims that the prosecution has rejected, with the investigators ignoring calls to review the evidence.
The latest revelation is the first that directly implicates the Pune police, which began probing the case in 2018 before the National Investigation Agency took over.
Maharashtra home minister Dilip Walse-Patil and the police did not respond to calls, emails and WhatsApp messages from this newspaper relating to the Wired report.
Both the Maharashtra government and the Centre have resisted the admission of the multiple revelations of hacking as evidence and consistently opposed bail in the case. The Shiv Sena-NCP-Congress government has drawn flak for the poor living conditions in its prisons where the accused are held.
The Wired report, titled “Police linked to hacking campaign to frame Indian activists” and published online on Thursday, says: “Working with a security analyst at a certain email provider — who also spoke to Wired but asked that neither they nor their employer be named — SentinelOne (one of the firms that had revealed evidence planting by hackers) learned that three of the victim email accounts compromised by the hackers in 2018 and 2019 had a recovery email address and phone number added as a backup mechanism.
“For those accounts, which belonged to (prison-rights activist Rona) Wilson, (Telugu writer Varavara) Rao, and an activist and professor at Delhi University named Hany Babu, the addition of a new recovery email and phone number appears to have been intended to allow the hacker to easily regain control of the accounts if their passwords were changed. To the researchers’ surprise, that recovery email on all three accounts included the full name of a police official in Pune who was closely involved in the Bhima Koregaon 16 (Elgaar Parishad) case.”
Of the 16 people arrested, the eldest, Stan Swamy (84), died in judicial custody while Rao and jurist Sudha Bharadwaj are out on bail.
In February this year, a report by the California-based SentinelOne had said that Wilson was targeted by a hacking entity named SideWinder in 2013 and 2014. Using data forensics, the company had linked SideWinder to another hacking entity, Modified Elephant, whose past actions show that it “aligns sharply with Indian State interests”.
Last year, the Massachusetts-based Arsenal Consulting had analysed digital copies of electronic devices seized from the accused and found that devices of Wilson and Nagpur lawyer Surendra Gadling had been infected with spyware to plant evidence on them.
Babu was arrested in 2020 while the other three were picked up in 2018.
The Wired report says: “The three hacked accounts have other fingerprints that link them — and thus the Pune police — to the larger Modified Elephant hacking campaign: The email provider found that the hacked accounts were accessed from IP addresses that SentinelOne and Amnesty International had previously identified as those of Modified Elephant.
“In the case of Rona Wilson, the email provider security analyst says that Wilson’s email account received a phishing email in April 2018 and then appeared to be compromised by the hackers using those IPs, and at the same time the email and phone number linked to the Pune city police were added as recovery contacts to the account.”
In 2020, Amnesty International and the University of Toronto’s Internet watchdog Citizen Lab had revealed that the previous year, a coordinated spyware operation was used to target at least nine human rights defenders, eight of whom are campaigning for the release of the Elgaar undertrials.
Also in 2019, the Israeli spyware Pegasus — sold only to governments — was alleged to have been used to spy on activists by penetrating their mobile phones via WhatsApp.
In 2020, then communications and IT minister Ravi Shankar Prasad told the Rajya Sabha: “To the best of my knowledge, no unauthorised interception has been done.”
A researcher each from Citizen Lab and Virginia’s Nisos confirmed SentinelOne’s new findings, as reported by Wired, purportedly by cross-checking it with publicly available directories of police officers and a WhatsApp profile photo of an officer whose number was linked to the hacker.
The officers’ names have not been revealed. The findings are scheduled to be presented by SentinelOne at the Black Hat security conference in Las Vegas in August.
Babu’s wife and Delhi University teacher Jenny Rowena told The Telegraph: “This report once again exposes the devious conspiracy involving the police in incarcerating law-abiding citizens, who were doing good work in society, to punish them for their social interventions. The police behind this must have made such mistakes never imagining that it would all be exposed due to the tireless work of some organisations and individuals.”
She added: “Everyone must take these revelations seriously and those involved should be punished or this will be repeated with impunity. Most importantly, the activists, intellectuals and academics like my husband who have been languishing in jail without even the charges being framed should be immediately released.”
Former Pune police commissioner Rashmi Shukla, during whose tenure the case was filed, was chargesheeted this year for allegedly tapping the phones of politicians from the NCP and the Sena during BJP rule in Maharashtra.
Shukla, now additional DGP (training) in the CRPF, did not respond to an email from this newspaper.