Need to hack an investigative journalist? Perhaps you would like to spy on a well-known politician? Or maybe you would rather get some insider information from a prominent investor? Apparently there is a company that you can hire to do any and all of the above.
A recent scandal erupted surrounding a little-known IT company based in Delhi, India. The company is called BellTrox InfoTech and it was exposed as a hack-for-hire service by a team of cybersecurity researchers.
Allegedly, the IT firm has been offering its services across the world for the last seven years. And its targets range from government officials, large company CEOs and human rights activists to advocacy groups, journalists and beyond.
As it turns out, BellTrox has actually been under investigation for years on end and had been given the code name ‘Dark Basin’; it was previously thought to have been an informal hacking group. But it appears that really it was so much more than just that.
The company was busy conducting commercial espionage for its clients against their high-profile opponents and competitors. And in order to offer the best possible service, the hackers at BellTrox truly left no stone unturned. As per a report published by the University of Toronto’s Citizen Lab, this espionage involved financial transactions, public events, news stories and even criminal cases.
And it all began when a journalist targeted by phishing pages decided to contact Citizen Lab, which subsequently launched the investigation into ‘Dark Basin’. As Citizen Lab’s research revealed shortly after, the phishing pages were served by the exact same URL shortener that was used to disguise close to 28,000 other phishing links.
Initially, this even led the investigation to believe that the hacking group was state-sponsored. However, due to the varied nature of the targets they uncovered, it soon became known that this was a paid hacking service they had stumbled upon.
Later it was also revealed that the owner of BellTrox InfoTech had in fact already been indicted for similar activities once before. In 2015 he was formally accused of partaking in a hack-for-hire scheme, where two private investigators admitted to purchasing his services in order to illegally gain access to the accounts of certain marketing executives.
The team of investigators and Citizen Lab proceeded to share their findings with the US Department of Justice. Furthermore, they also went on to inform hundreds of Dark Basin’s targets that they were being spied on and hacked. And most of them had very strong suspicions as to who exactly had ordered the espionage conducted on them.
But Citizen Lab wasn’t the only organization busy investigating the Indian IT company. NortonLifeLock is a cybersecurity company that had also been actively looking into BellTrox. Only they had dubbed the mysterious hacking group ‘Mercenary.Amanda’.