A Confession Exposes India’s Secret Hacking Industry

0
460
The country has developed a lucrative specialty: cyberattacks for hire.

A Confession Exposes India's Secret Hacking Industry | The New Yorker
The hacking-for-hire business has prospered in India for some of the same reasons that I.T. outsourcing has: an abundance of inexpensive skilled labor in an open marketplace readily accessible to Western clients.Illustration by Anuj Shrestha
In the summer of 2020, Jonas Rey, a private investigator in Geneva, got a call from a client with a hunch. The client, the British law firm Burlingtons, represented an Iranian-born American entrepreneur, Farhad Azima, who believed that someone had hacked his e-mail account. Azima had recently helped expose sanctions-busting by Iran, so Iranian hackers were likely suspects. But the Citizen Lab, a research center at the University of Toronto, had just released a report concluding “with high confidence” that scores of cyberattacks on journalists, environmentalists, and financiers had been orchestrated by BellTroX, a company, based in New Delhi, that was running a giant hacking-for-hire enterprise. The operation had targeted numerous Americans. Burlingtons wondered: could Rey try to find out if Azima had been another BellTroX victim? He said yes.

Researchers at Citizen Lab had learned of BellTroX’s activities from someone that the company had tried to trick with “spear phishing”—sending a bogus message to trick a recipient into providing access to personal data. Citizen Lab spent three years investigating BellTroX, including by analyzing Web sites used to shorten and disguise phishing links, combing through social-media accounts of BellTroX’s employees, and contacting victims. Reuters, in coördination with Citizen Lab, published an exposé on BellTroX the same day as the report. But BellTroX’s owner denied any wrongdoing, the Indian authorities never publicly responded to the allegations, and the accusations remained unconfirmed.

Rey’s investigation into the Azima case shed new light not only on BellTroX but also on several other outfits like it, establishing beyond dispute that India is home to a vast and thriving cyberattack industry. Last year, Rey secured the first detailed confession from a participant in a hacking-for-hire operation. In court papers, an Indian hacker admitted that he had infiltrated Azima’s e-mail account—as had employees at another firm. Moreover, there were countless other Indian hackers for hire, whose work was often interconnected. John Scott-Railton, a senior researcher at Citizen Lab, who helped lead the BellTroX investigation, told me that the admissions Rey obtained are “huge” and “move the whole conversation forward.” He added, “You know how in some industries, everybody ‘knows a guy’ who can do a certain thing? Well, in hacking for hire, India is ‘the guy.’ They are just so prolific.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here