New Hacking-for-Hire Company in India

Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India.

Key Findings:

  • Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries.
  • Dark Basin extensively targeted American nonprofits, including organisations working on a campaign called #ExxonKnew, which asserted that ExxonMobil hid information about climate change for decades.
  • We also identify Dark Basin as the group behind the phishing of organizations working on net neutrality advocacy, previously reported by the Electronic Frontier Foundation.
  • We link Dark Basin with high confidence to an Indian company, BellTroX InfoTech Services, and related entities.
  • Citizen Lab has notified hundreds of targeted individuals and institutions and, where possible, provided them with assistance in tracking and identifying the campaign. At the request of several targets, Citizen Lab shared information about their targeting with the US Department of Justice (DOJ). We are in the process of notifying additional targets.

BellTroX InfoTech Services has assisted clients in spying on over 10,000 email accounts around the world, including accounts of politicians, investors, journalists and activists.

News article. Boing Boing post

Posted on June 19, 2020 at 6:38 AM

Comments

Phaete June 19, 2020 9:20 AM

Not just call centers are outsourced to India, it seems.
I’m curious who their customers are.

Alejandro June 19, 2020 11:00 AM

I read some of the write-ups and they are pretty scary. Also, as usual, no good advice on how to mitigate or prevent the intrusions.

I did pick up a couple tidbits though. Some of the phishing attempts originated in India, from 49.x, so possibly a firewall rule to block 49.0.0.0/8 might help. Probably blocking India altogether could work, if you have that capability.

Apparently, much of the hacking is routed through anonymous VPNs which may have USA-based IP addresses, so…good luck with that.

These are some real bad actors, folks.
