India-based cyber intelligence firm BellTroX InfoTech Services offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.
Researchers at internet watchdog group Citizen Lab, who spent more than two years mapping out the infrastructure used by the hackers, released a report on Tuesday saying they had “high confidence” that BellTroX employees were behind the espionage campaign.
Citizen Lab has also shared technical information unearthed during the investigation with researchers at cybersecurity company NortonLifeLock, who were conducting a parallel investigation into Dark Basin’s operations.
“This is one of the largest spy-for-hire operations ever exposed,” said Citizen Lab researcher John Scott-Railton.
BellTroX InfoTech Services targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short-seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence.
Earlier this year, US short-seller Muddy Waters was embroiled in a bitter battle with Abu Dhabi-based healthcare firm NMC Limited, after the latter produced a report questioning the company’s accounting practices and sending its stock tumbling.
BellTroX’s Sumit Gupta was charged in a 2015 hacking case in which two US private investigators admitted to paying him to hack the accounts of marketing executives. Gupta was declared a fugitive in 2017, although the US Justice Department declined to comment on the current status of the case or whether an extradition request had been issued.
Speaking by phone from his home in New Delhi, Gupta denied hacking and said he had never been contacted by law enforcement. He said he had only ever helped private investigators download messages from email inboxes after they provided him with login details.
This report by Citizen Lab clearly suggests that there are new cyber operations players, such as BellTroX, who are developing capabilities and outsourcing them to governmental and non-governmental players.