Security News > 2020 > June > Researchers unmask Indian 'infosec' firm to reveal hacker-for-hire op that targeted pretty much anyone clients wanted

Canada's Citizen Lab laboratory has uncovered a hacks-for-hire phishing operation targeting anyone from political activists and oligarchs to lawyers and CEOs that hit more than 10,000 email inboxes over seven years.

The North American outfit claims to have traced the so-called Dark Basin campaign to an Indian firm called BellTroX InfoTech Services - which denies all wrongdoing.

Gupta's alleged operation was uncovered in part because phishing emails sent by BellTroX were all sent within usual office hours for India's GMT +5.30 timezone, Citizen Lab claimed.

More obviously, Citizen Lab claimed, BellTroX employees "Left copies of their phishing kit source code available openly online, as well as log files showing testing activity," which confirmed the Indian link.

Citizen Lab also linked BellTroX with oil multinational ExxonMobil, highlighting how BellTroX had targeted activist organisations that used the Twitter hashtag #ExxonKnows.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/06/09/citizen_lab_indian_hackers/