How an obscure Indian cyber firm spied on politicians, investors through horoscopes and porn

News Network
June 27, 2020

Jun 27: A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.

New Delhi-based BellTroX InfoTech Services targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence.

Aspects of BellTroX's hacking spree aimed at American targets are currently under investigation by U.S. law enforcement, five people familiar with the matter told Reuters. The U.S. Department of Justice declined to comment.

Reuters does not know the identity of BellTroX's clients. In a telephone interview, the company's owner, Sumit Gupta, declined to disclose who had hired him and denied any wrongdoing.

Muddy Waters founder Carson Block said he was "disappointed, but not surprised, to learn that we were likely targeted for hacking by a client of BellTroX." KKR declined to comment.

Researchers at internet watchdog group Citizen Lab, who spent more than two years mapping out the infrastructure used by the hackers, released a report saying that BellTroX employees were behind the espionage campaign.

"This is one of the largest spy-for-hire operations ever exposed," said Citizen Lab researcher John Scott-Railton.

Although they receive a fraction of the attention devoted to state-sponsored espionage groups or headline-grabbing heists, "cyber mercenary" services are widely used, he said. "Our investigation found that no sector is immune."

A cache of data reviewed by Reuters provides insight into the operation, detailing tens of thousands of malicious messages designed to trick victims into giving up their passwords that were sent by BellTroX between 2013 and 2020. The data was supplied on condition of anonymity by online service providers used by the hackers after Reuters alerted the firms to unusual patterns of activity on their platforms.

The data is effectively a digital hit list showing who was targeted and when. Reuters validated the data by checking it against emails received by the targets.

On the list: judges in South Africa, politicians in Mexico, lawyers in France and environmental groups in the United States. These dozens of people, among the thousands targeted by BellTroX, did not respond to messages or declined comment.

Reuters was not able to establish how many of the hacking attempts were successful.

BellTroX's Gupta was charged in a 2015 hacking case in which two U.S. private investigators admitted to paying him to hack the accounts of marketing executives. Gupta was declared a fugitive in 2017, although the U.S. Justice Department declined to comment on the current status of the case or whether an extradition request had been issued.

Speaking by phone from his home in New Delhi, Gupta denied hacking and said he had never been contacted by law enforcement. He said he had only ever helped private investigators download messages from email inboxes after they provided him with login details.

"I didn't help them access anything, I just helped them with downloading the mails and they provided me all the details," he told Reuters. "I am not aware how they got these details but I was just helping them with the technical support."

Reuters could not determine why the private investigators might need Gupta to download emails. Gupta did not return follow-up messages. Spokesmen for Delhi police and India's foreign ministry did not respond to requests for comment.

HOROSCOPES AND PORNOGRAPHY

Operating from a small room above a shuttered tea stall in a west-Delhi retail complex, BellTroX bombarded its targets with tens of thousands of malicious emails, according to the data reviewed by Reuters. Some messages would imitate colleagues or relatives; others posed as Facebook login requests or graphic notifications to unsubscribe from pornography websites.

Fahmi Quadir's New York-based short selling firm Safkhet Capital was among 17 investment companies targeted by BellTroX between 2017 and 2019. She said she noticed a surge in suspicious emails in early 2018, shortly after she launched her fund.

Initially "it didn't seem necessarily malicious," Quadir said. "It was just horoscopes; then it escalated to pornography."

Eventually the hackers upped their game, sending her credible-sounding messages that looked like they came from her coworkers, other short sellers or members of her family. "They were even trying to emulate my sister," Quadir said, adding that she believes the attacks were unsuccessful.

U.S. advocacy groups were also repeatedly targeted. Among them were digital rights organizations Free Press and Fight for the Future, both of whom have lobbied for net neutrality. The groups said a small number of employee accounts were compromised, but the wider organizations' networks were untouched. The spying on those groups was detailed in a report by the Electronic Frontier Foundation in 2017, but has not been publicly tied to BellTroX until now.

Timothy Karr, a director at Free Press, said his organization "sees an uptick in breach attempts whenever we're engaged in heated and high-profile public policy debates." Evan Greer, deputy director of Fight for the Future, said: "When corporations and politicians can hire digital mercenaries to target civil society advocates, it undermines our democratic process."

While Reuters was not able to establish who hired BellTroX to carry out the hacking, two former employees said the company and others like it were usually contracted by private investigators on behalf of business rivals or political opponents.

Bart Santos of San Diego-based Bulldog Investigations was one of a dozen private detectives in the United States and Europe who told Reuters they had received unsolicited advertisements for hacking services out of India - including one from a person who described himself as a former BellTroX employee. The pitch offered to carry out "data penetration" and "email penetration."

Santos said he ignored those overtures, but could understand why some people didn't. "The Indian guys have a reputation for customer service," he said.

News Network
June 25, 2020

New Delhi, Jun 25: Diesel price in the national capital crossed the Rs 80 per litre-mark for the first time ever on Thursday as oil companies raised prices for the 19th day, taking the cumulative increase to Rs 10.63 a litre.

Petrol price, after a day's hiatus, was hiked by 16 paise and the increase in less than three weeks now totals Rs 8.66 per litre.

Petrol price in Delhi was hiked to Rs 79.92 per litre from Rs 79.76, while diesel rates were increased to Rs 80.02 a litre from Rs 79.88, according to a price notification of state oil marketing companies.

Diesel had for the first time become costlier than petrol in Delhi on Wednesday and has now crossed the Rs 80 per litre-mark.

Rates differ from state to state depending on the incidence of value-added tax (VAT).

However, diesel is costlier than petrol only in the national capital where the state government had raised local sales tax or VAT on the fuel sharply last month. It costs less than petrol in other cities.

The 19th daily increase in rates since oil companies on June 7 restarted revising prices in line with costs after ending an 82-day hiatus in rate revision, has taken diesel prices to fresh highs.

In 19 straight days, diesel price has gone up by Rs 10.63 per litre. Petrol price has been hiked on 18 occasions since June 7 and the increase now totals Rs 8.66 a litre.

coastaldigest.com web desk
August 1, 2020

New Delhi, July 1: In a terrific incident with chilling echoes of the 2015 Dadri mob lynching, a Muslim man, who was carrying meat, was savagely attacked by a mob belonging to a saffron outfit in the presence of in BJP ruled Haryana on the eve of Eid al-Adha. 

The incident occurred at around 9 a.m. on Friday, July 31 at Badshahpur village in Haryana’s Gurgaon, when Lukman was transporting meat in a pick-up truck.

The attack was captured on mobile phones by onlookers and the video clips of the incident are now spreading on social media. 

A group of saffronite cow vigilantes chased the truck for about 8 km and managed to waylay it. Lukman, who was driving the truck, was pulled out and brutally assaulted on the suspicion that he was transporting cow meat.

Just like Dadri, the police were faster at sending the meat to a lab for testing than catching any one of the suspects. One of the assailants, Pradeep Yadav, has been arrested.

After being beaten to within an inch of his life, Lukman was bundled into the pick-up truck and taken back to Gurgaon's Badshahpur village, where the goons started thrashing him again.

This is when the police stepped in and stopped them, only to find the assailants fearless enough to even take them on.

Lukman was taken to a hospital and the police filed a case against "unidentified individuals" even though the video of the incident recorded by witnesses shows the faces of the assailants.

The owner of the vehicles said that the meat was buffalo and he has been in the business for 50 years.

The police have so far refused to give a statement on record on the incident and explain their inaction as seen on video.

Agencies
June 13, 2020

New Delhi, Jun 13: In a bid to provide relief to small businesses amid the coronavirus pandemic, the GST Council on Friday decided to halve the interest rate on late filing of GSTR-3B returns for the period of February, March and April 2020.

The interest rate on late return filing will be 9% from the usual 18% till September 30, 2020. The benefit will be available for small taxpayers with aggregate turnover of up to Rs 5 crore.

For the three months, small taxpayers will not be charged any interest till the notified dates for relief and thereafter 9% interest will be charged till September 30, a Finance Ministry statement said.

"For small taxpayers (aggregate turnover upto Rs 5 crore), for the supplies effected in the month of February, March and April 2020, the rate of interest for late furnishing of return for the said months beyond specified dates (staggered upto 6th July 2020) is reduced from 18 per cent per annum to 9 per cent per annum till 30.09.2020," said the statement.

The Council has also extended relief to small taxpayers for subsequent period of 2020 through waiver of late fees and interest if the returns in Form GSTR-3B for the supplies effected in the months of May, June and July are furnished by September 2020.

It has also decided to reduce the late fee on the filing of GSTR-3B returns for the period between July 2017 and January 2020. The late fee has been capped at Rs 500, but interest will be charged at the existing rate on the due tax liability.

Speaking to the media in New Delhi after a GST Council meet through videoconference, Union Finance Minister Nirmala Sitharaman said that those entities with no tax liability will not have to submit the late fee for the period.

For entities with tax liability but which have not filed returns or have filed returns late, the late fee has been capped at Rs 500 without interest. Interest will, however, be payable on the tax component at the applicable rate for delays.

To facilitate taxpayers who could not get their cancelled GST registrations restored in time, the Council has provided an opportunity for filing of application for revocation of cancellation of registration up to September 30, 2020, in all cases where registrations have been cancelled till June 12, 2020.
