Bhima Koregaon: Key evidence against jailed activists planted using malware, says forensic report

The report found that an attacker used malware to infiltrate activist Rona Wilson’s laptop before his arrest, and deposited at least 10 incriminating letters. (Article from February 2021)

#maharashtra #BhimaKoregaon #ElgarParishad #RonaWilson #VaravaraRao #ArsenalConsulting #NetWire #PunePolice #BK16 #UAPA #NIA #dalits #activism #SocialJustice #DraconianLaws #hindutva #NarendraModi #SupremeCourt #india

https://scroll.in/latest/986517/bhima-koregaon-key-evidence-against-accused-activists-was-planted-using-malware-says-report

Internationaler #Cybercrime-Schlag gegen den Remote-Access-Trojaner #Netwire. Im Zuge der Aktion hat die Kantonspolizei Zürich Server beschlagnahmt.

https://www.inside-it.ch/zuercher-kapo-an-internationaler-aktion-gegen-malware-beteiligt-20230313

📢 #NetWire has been utilized by various groups, but its most notable use occurred last year when an APT group used the #malware to plant incriminating evidence on victims’ devices.

Read: https://www.hackread.com/netwire-malware-site-seized-admin-arrested/

#Security #cybercrime #CyberSecurity #busted

Law enforcement seized the website selling the #NetWire #RAT and arrested a Croatian man
https://securityaffairs.com/143325/cyber-crime/law-enforcement-seized-netwire-rat-site.html
#securityaffairs #hacking #malware

While the individual behind the #NetWire Remote Access Trojan hasn’t been publicly named, there are breadcrumbs leading to the identity and location of the owner. @briankrebs discusses more here: https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/

#Netwire was marketed and sold from its own internet domain as a Remote Administrative Tool for #Microsoft Windows -probably #Android, #Linux and #Mac machines too-
but in fact it was a #trojan -a kind of #malware that allows #Hackers to get rid of infected computers-
http://bit.ly/3J9BmIX
Internet domain has been seized in several Law Enforcement Agencies joint operative and a Croatian national was put under arrest

RT @EC3Europol: Busted! A coordinated #lawenforcement action 🇭🇷🇨🇭🇦🇺🇺🇸 has taken down the #Netwire Remote Access Trojan infrastructure.

🚔 Main suspect arrested.

#Netwire is a Licensed Commodity RAT offered in underground forums to non-technical users to carry out their own criminal activities.

🐦🔗: https://n.respublicae.eu/Europol/status/1634112454216019968

📬 Das Aus für NetWire RAT: FBI zerschlägt Malware-Infrastruktur
#ITSicherheit #Malware #europol #FBI #Fernwartungstool #NetWire #NetWireRAT #Phishing #RemoteAccessTrojaner https://tarnkappe.info/artikel/malware/das-aus-fuer-netwire-rat-fbi-zerschlaegt-malware-infrastruktur-266853.html

oh wow @briankrebs covering the #netwire #RAT arrest of a Croatian

#infosec

https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/

#NetWire [eb6c06c899623ca900814e70c0d6ca81] dropping ##VectorStealer [7dbacaeacfde7042b9d95a973d1995ea]
#stealer

The Trojan solved the Bhima Koregaon case!

How proper file, malware, and memory forensics techniques were able to catch the ModifiedElephant threat actor planting incriminating evidence on defendants' computers in India.

#BhimaKoregaon #StanSwamy #RonaWilson #BK16 #ArsenalConsulting #NetWire #trojan #democracy #HumanRights #CyberSecurity #ComputerForensics #india

https://anchorednarratives.substack.com/p/the-trojan-solved-the-bhima-koregaon

Trojaner in Indien: Falsche Beweise untergejubelt – netzpolitik.org/2022/trojaner-… #StaatlichesHacken #ArsenalComputing #ModifiedElephant #Staatstrojaner #Spearphishing #narendramodi #Überwachung #SentinelOne #RonaWilson #Sidewinder #DarkComet #keylogger #Hangover #Netwire #indien

Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure - By Chetan Raghuprasad and Vanja Svajcer.

Cisco Talos discovered a malicious campaign in ... http://blog.talosintelligence.com/2022/01/nanocore-netwire-and-asyncrat-spreading.html #asyncrat #nanocore #netwire #securex #threats

Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs - By Asheer Malhotra, Vanja Svajcer and Justin Thattil.

Cisco Talos is tracking a c... http://feedproxy.google.com/~r/feedburner/Talos/~3/q-HOEjOIE_U/operation-armor-piercer.html #avemariarat #warzonerat #malware #netwire #securex #maldoc #apt #rat

Threat Roundup for April 23 to April 30 - Today, Talos is publishing a glimpse into the most prevalent threats we've observe... http://feedproxy.google.com/~r/feedburner/Talos/~3/eQBIuhn2P4Y/threat-roundup-0423-0430.html #vulnerabilities #copperstealer #threatroundup #ciscotalos #zeroaccess #darkcomet #features #lokibot #malware #netwire #securex #dridex #remcos #njrat #talos #iocs #razy

Threat Roundup for April 16 to April 23 - Today, Talos is publishing a glimpse into the most prevalent threats we've observe... http://feedproxy.google.com/~r/feedburner/Talos/~3/mLxP_hh2iC0/threat-roundup-0416-0423.html #vulnerabilities #threatroundup #ciscotalos #coinminer #darkcomet #qjwmonkey #features #phorpiex #trickbot #hawkeye #malware #netwire #securex #tofsee #zegost #talos #iocs

Threat Roundup for November 13 to November 20 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 13 ... http://feedproxy.google.com/~r/feedburner/Talos/~3/bAxCtkzamIU/threat-roundup-1113-1120.html #ponystealer #tinybanker #trickbot #lokibot #netwire #ruskill #kuluoz #ursnif

Threat Roundup for October 23 to October 30 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 23 ... http://feedproxy.google.com/~r/feedburner/Talos/~3/mKvMlbu1KJk/threat-roundup-1023-1030.html #vulnerabilities #threatroundup #ciscotalos #darkcomet #gamarue #lokibot #malware #netwire #cerber #dridex #emotet #ramnit #talos #busy

Threat Roundup for July 10 to July 17 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 10 ... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/5xwSFuaOkq0/threat-roundup-0710-0717.html #vulnerabilities #threatroundup #ciscotalos #tinybanker #lokibot #malware #netwire #dridex #emotet #remcos #talos

Threat Roundup for July 3 to July 10 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 3 a... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/T2HIMzzdrZc/threat-roundup-0703-0710.html #vulnerabilities #threatroundup #ciscotalos #generickdz #lokibot #malware #netwire #dridex #emotet #fareit #njrat #talos #razy