An unheralded and unheard of Indian company based out of Delhi, BellTrox InfoTech Services, is alleged to have been spying on investors, politicians, lawyers, and environmental groups across the world for seven years, according to an investigative report.
BellTrox, it is claimed, hacked into, and spied on, over 10,000 email accounts of targets across countries and professions, including judges in South Africa, politicians in Mexico, lawyers in France, environmental groups and journalists in the US and gambling tycoons in the Bahamas.
According to a Reuters report, aspects of BellTroX’s hacking spree aimed at American targets are currently under investigation by the US law enforcement agency.
Though Reuters has scooped the news, the actual investigation into the shady shenanigans was carried out by Toronto-based internet watchdog Citizen Lab. Apparently, it spent over two years investigating the ‘Hack-For-Hire Operation’, and it now claims BellTrox was “one of the largest spy-for-hire operations ever exposed”.
Interestingly, there is no mention of any Indian target being hacked into by BellTrox.
1. MAJOR REPORT: We’re outing a massive hack-for-hire operation @citizenlab. We’re attributing them to to BellTroX, an Indian company. Join me on a wild THREAD about mercenary hacking.https://t.co/8Q9Uk5FmW7 pic.twitter.com/kKAnkb3fjeJune 9, 2020
Mired in mystery
BellTrox’s owner, identified as one Sumit Gupta, has refused to disclose who had hired him and also denied any wrongdoing.
It is, however, said that in 2015, the US indicted several US-based private investigators and also Sumit Gupta (whom the it notes also uses the alias Sumit Vishnoi), for their role in a hack-for-hire scheme. An aggregator of Indian corporate registration data lists Sumit Gupta as the director of BellTroX, and online postings by a “Sumit Vishnoi” contain references to BellTroX.
BellTroX and its employees appeared to have used euphemisms for promoting their services online, including “Ethical Hacking” and “Certified Ethical Hacker.” BellTroX’s slogan is: “you desire, we do!”
BellTroX staff activities listed on LinkedIn include: Email Penetration, Exploitation, Corporate Espionage, Phone Pinger, Conducting Cyber Intelligence Operation.
Further, BellTroX’s LinkedIn pages, and those of their employees, have received hundreds of endorsements from individuals working in various fields of corporate intelligence and private investigation.
Since a few days back, BellTrox’s site is throwing up an error message.
Not so uncommmon
Among the more recent reports of hacking, BellTrox is believed to have spied on targets like American private equity firm KKR, and equity research firm Muddy Waters Research, though it is unclear who might have hired it for the job.
Although they receive a fraction of the attention devoted to state-sponsored espionage groups, it is said that “cyber mercenary” services are widely used across countries.
As per the investigations, the data scooped up provide insight into the operation, detailing tens of thousands of malicious messages designed to trick victims into giving up their passwords. The messages were reportedly sent by BellTroX between 2013 and 2020.
Despite the indictment, BellTroX and other companies that provide these services publicly promote their activities. This, analysts say, suggests that companies and their clients do not expect to face legal consequences and that the use of hack-for-hire firms may be standard practice within the private investigations industry.