In a 19-page detailed report, the researchers have stated that Wilson was subjected to two specific cyberattacks.
Since their arrest, several journalistic investigations and those conducted by human rights and digital organisations like Amnesty Tech Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs and Public Policy of the University of Toronto Citizen Lab, and Massachusetts-based digital forensics firm Arsenal Consulting have from time to time exposed the persistent cyber attack on the human rights defenders before they were framed in the case and arrested.
In a related report published earlier, Arsenal Consulting had published another damning report, which said that a cyber attacker had gained access to Wilson’s computer at least 22 months before his arrest and at least 10 incriminating letters were placed on it through this attack.
Now, findings by the US experts working with SentinelOne, have for the first time found that Wilson had come under radar way before his arrest.
Between February 2013 and January 2014, Wilson received phishing emails that can be attributed to the SideWinder threat actor, the report has found.
“The relationship between ModifiedElephant and SideWinder is unclear as only the timing and targets of their phishing emails overlap within our dataset,” the researchers claim.
Netwire was used not just to target Wilson but many other human rights defenders and a Mumbai-based journalist in 2019, according to the Amnesty International’s report.
The report, like all of them in the past, has stated that many questions about this threat actor and their operations remain.