Saturday, January 23, 2021
Home Lead Story Story Of Delhi-based Firm that Executed Global Cyber Heist

Story Of Delhi-based Firm that Executed Global Cyber Heist

A small IT company BellTroX InfoTech Services has targeted thousands of powerful individuals and organisations on six continents

Tucked in a small office at Netaji Subhash Place in Shakurpur area of East Delhi, an obscure IT company BellTroX InfoTech Services has targeted thousands of powerful individuals and organisations on six continents, creating ripples among the powers-that-be.

Although Citizen Lab, a laboratory based at the Munk School of Global Affairs and Public Policy of the University of Toronto which broke the story first, will further provide a comprehensive overview of certain targets and technical indicators in days to come, the ‘hack-for-hire’ firm has created ripples among the advocacy groups and journalists, elected and senior government officials, hedge funds and multiple industries.

How did a small Delhi firm able to execute such a big cyber heist?

Nicknamed ‘Dark Basin,’ the multi-year investigation found that ‘BellTroX’, owned by Sumit Gupta who was indicted in California in 2015 for his role in a similar hack-for-hire scheme, conducted commercial espionage on behalf of their clients against opponents involved in high-profile public events, criminal cases, financial transactions, news stories, and advocacy.

The story goes back to 2017 when a journalist who had been targeted with phishing attempts contacted Citizen Lab and asked if they could investigate. The research team linked the phishing attempts to a custom URL shortener, which the operators used to disguise the phishing links. Citizen Lab subsequently discovered that this shortener was part of a larger network of custom URL shorteners operated by a single group now called ‘Dark Basin’.

“Because the shorteners created URLs with sequential shortcodes, we were able to enumerate them and identify almost 28,000 additional URLs containing e-mail addresses of targets,” says Citizen Lab. The team used open source intelligence techniques to identify hundreds of targeted individuals and organizations, yielding several clusters of interest, including two clusters of advocacy organizations in the US working on climate change and net neutrality. Dark Basin’s targets were often on only one side of a contested legal proceeding, advocacy issue or business deal. The timings of sending phishing emails were consistent with working hours in India’s time zone.

Nicknamed ‘Dark Basin,’ the multi-year investigation found that ‘BellTroX’, owned by Sumit Gupta who was indicted in California in 2015 for his role in a similar hack-for-hire scheme. Pixabay

Additionally, ‘Dark Basin’ left copies of their phishing kit source code available openly online, as well as log files showing testing activity. The logging code invoked by the phishing kit recorded timestamps in India time zone, and log files show that Dark Basin appeared to conduct some testing using “an IP address in India”.

Citizen Lab collaborated with consumer cybersecurity brand NortonLifeLock and unearthed numerous technical links between the campaigns and individuals associated with BellTroX. “In at least one case, Dark Basin repurposed a stolen internal email to re-target other individuals. This incident led us to conclude that Dark Basin had some success in gaining access to the email accounts of one or more advocacy groups,” said the report.

For more news updates refer to Newsgram’s Facebook page

BellTroX employees sent phishing emails masquerading as targets’ colleagues and friends. The individuals that Dark Basin chose to target showed that it had a deep knowledge of informal organizational hierarchies (masquerading as individuals with greater authority than the target). “We concluded that Dark Basin operators were likely provided with detailed instructions not only about whom to target, but what kinds of messages specific targets might be responsive to,” the report noted.

Also Read: Stay Happy To Keep Gastrointestinal Distress At Bay, Research says

Citizen Lab says they do not have strong evidence pointing to the party commissioning them and is not conclusively attributing Dark Basin’s phishing campaign against these organizations to a particular Dark Basin client at this time. “That said, the extensive targeting of American nonprofits exercising their first amendment rights is exceptionally troubling,” it added. (IANS)



Most Popular

Study Reveals Valuing Friendships Can Keep One Healthy

Having friends in life is important as they give us both emotional support and practical advice, whenever needed. A new study now suggests that...

White House To Display The Moon Rock In Oval Office

NASA has loaned a Moon rock for display in the Oval Office of the White House at the request of the Joe Biden administration. The...

Analysis Shows Batterry Storage To Be Cheaper Than New Coal Power Plants

A new economic viability analysis on Friday revealed that renewable energy along with battery storage in Tamil Nadu is cost competitive with new coal...

Vegan kids may have low level of vitamin D

If your child is fully vegan, then there are chances that they may have a lower level of vitamin D, a new study suggests. The...

Pandemic time used for self-development, survey reveals

The pandemic year 2020 is past us but not the coronavirus and the impact it brought into our lives is probably the biggest disruption...

What And When Do You Need Estate Planning Strategies

There are estate planning strategies to reduce estate taxes. If you have assets that are exempt from the estate tax and that you intend...

Loney Adults Over The Age of 50 May Face Mental Health Problems

Lonely adults aged 50 and over reported an average of two worsening depressive and other mental health symptoms during the Covid-19 lockdown, a new...

Remembering Subhash Chandra Bose on Birth Anniversary: Know 5 Lesser Known Facts and Quotes by “Netaji”

Subhash Chandra Bose, popularly known as "Netaji" was born on 23rd January 1897. Netaji is considered the most exceptional and revered Freedom Fighter in...

Recent Comments