New Delhi: BellTrox InfoTech Services, a small IT firm based in West Delhi, has allegedly been spying on investors, politicians, lawyers, and environmental groups across the world for seven years, according to a Reuters report.
The news report said BellTrox spied on over 10,000 email accounts of targets across countries and professions, including judges in South Africa, politicians in Mexico, lawyers in France, environmental groups and journalists in the US and gambling tycoons in the Bahamas.
Toronto-based internet watchdog Citizen Lab spent over two years investigating the ‘Hack-For-Hire Operation’, trying to understand the structure of the operation. In a report released Tuesday, they said BellTrox was “one of the largest spy-for-hire operations ever exposed”, according to Reuters.
However, neither reports give a specific mention of India-based targets.
On US radar for several years
In 2015, BellTrox owner and director Sumit Gupta was charged in the US in a hacking case after two American private investigators said they had paid Gupta to hack email accounts of marketing executives. Gupta had reportedly been declared a fugitive in 2017, although the current status of this case is unknown.
US law enforcement is currently investigating the Delhi firm’s involvement in hacking and spying on American users. According to the Citizen Lab report, the US Justice Department lists Sumit Vishnoi as an alias for Gupta.
Gupta denied the hacking attempts and said he had not been contacted by the authorities.
“I didn’t help them access anything, I just helped them with downloading the mails and they provided me all the details,” Gupta told Reuters.
Among the more recent reports of hacking, BellTrox is believed to have spied on targets like American private equity firm KKR, and equity research firm Muddy Waters Research, though it is unclear who might have hired it for the job.
Citing an article in The Financial Times, which in turn cites the Citizen Lab report, Muddy Waters Research tweeted that a German payment processing company Wirecard was a client of BellTrox.
Reuters said it validated the hacking attempts by cross referencing data received from internet service providers used by the hackers with emails received by hacker targets. It however, could not verify how many of the attempts were successful. It had combed through emails sent between 2013 and 2020.
Part of the BellTrox’s MO was to send malicious emails to trick victims into giving up their passwords. These would range from emails on horoscopes to porn spam. In one of the cases, the firm tried to emulate co-workers and even the sister of a New York target, the report said.