Cybercrime

Indian hacker-for-hire firm wanted by FBI targeted ExxonMobil and others

 

Last week we reported on CloudEyE which was a legitimate Italian business helping hackers with spreading malware. Now, Citizen Lab has unveiled a major “hack-for-hire” operation based in India, as a legitimate, registered company.

The “multi-year investigation” by Citizen Lab revealed that the group targeted “advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries.”

The hacker group known as ‘Dark Basin’ had also been working on a campaign accusing ExxonMobil of hiding information about climate change it had known.

Researchers at Citizen Lab stated:

“Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report highlights several clusters of targets. In future reports, we will provide more details about specific clusters of targets and Dark Basin’s activities.”

On discovering the information, Citizen Lab was quick to notify a large number of individuals and organisations targeted by the group. They additionally looped in Department of Justice (DOJ) and law enforcement bodies on the issue.

Citizen Lab was able to trace back the origins of ‘Dark Basin’ to an Indian company and individuals named in the report. Additionally, the timestamps found in hundreds of phishing emails appear to be in GMT+5:30 timezone, which corresponds to Indian Standard Time (IST).

“We link Dark Basin’s activity with high confidence to individuals working at an Indian company named BellTroX InfoTech Services (also known as “BellTroX D|G|TAL Security,” and possibly other names). BellTroX’s director, Sumit Gupta, was indicted in California in 2015 for his role in a similar hack-for-hire scheme.”

Detailed results of the investigation are available in the same report.

Ax Sharma

Ax Sharma is an Indian-origin British security researcher, journalist and TV subject matter expert with a focus on malware analysis and cybercrime investigations. His areas of interest include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, The Register, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).

Recent Posts

Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands

Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the…

10 months ago

Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites

Rogue WordPress Plugin Found to Steal Credit Card Information in Magecart Campaign Threat hunters have…

11 months ago

Albanian Parliament and telco ‘One Albania’ suffer cyber attacks

The Assembly of the Republic of Albania and telecom company One Albania have recently fallen…

11 months ago

Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks

The banking malware Carbanak has resurfaced with updated tactics, incorporating attack vendors and techniques to…

11 months ago

Theme park giant Parques Reunidos hit by a ransomware cyber attack

One of the world's largest theme park operators, Parques Reunidos has disclosed a cybersecurity incident.…

2 years ago

Phishing kit screenshots your email domain on the fly to appear real

Phishing kit used by multiple hacked sites generates a log in page on the fly…

2 years ago

This website uses cookies.