Washington: A years-long legal dispute between an Iranian-American businessman and the Investment Authority of Ras Al Khaimah, one of the seven emirates that make up the United Arab Emirates, has now entangled a private investigator in North Carolina and two hacking-for-hire firms in India.
In a lawsuit filed last week in federal court in North Carolina, Farhad Azima, an Iranian aviation executive who lives and works in America, accused law firm Dechert LLP of hiring a private investigator, Nicholas Del Rosso, who then allegedly hired hackers in India to steal documents from Azima. Nicholas Del Rosso and his company Vital Management Services Inc. are named as defendants in the suit. Dechert LLP isn’t a named party in the suit. Azima is seeking monetary damages and an injunction against further hacking.
The suit comes after reporting by Bloomberg and Reuters earlier this year that showed an Indian company, Belltrox Infotech Services, had for years worked as a “hacking-for-hire” service, targeting more than 10,000 people and companies. The suit filed by Azima last week is the first to mention Belltrox in U.S. courts.
The lawsuit claims that Indian “hacking-for-hire” firms CyberRoot Risk Advisory Private Ltd. and Belltrox worked together to hack and publish Azima’s stolen data as part of an ongoing legal dispute between Azima and the investment authority over the sale of a hotel in Tbilisi, Georgia. In May, a U.K. court found that Azima hadn’t sufficiently proven the Investment Authority of Ras Al Khaimah was responsible for the hacking. Azima was allowed to appeal that ruling, which will be heard in March 2021.
Dechert LLP didn’t respond to a request for comment. A lawyer for Del Rosso declined to comment. CyberRoot and Belltrox didn’t immediately respond to a request for comment.
Bloomberg reported earlier this year that Belltrox is under investigation by federal prosecutors in Manhattan. Belltrox has allegedly attempted to hack climate activists, hedge fund employees and journalists on behalf of its clients, Bloomberg previously reported. A spokesperson for the U.S. Attorney’s Office in Manhattan declined to comment.
In July, Senator Sheldon Whitehouse, a Democrat from Rhode Island, sent a letter to U.S. Attorney General Willam Barr expressing his concern about potential “political pressure” in the investigation of Belltrox. According to the lawsuit, CyberRoot used Belltrox’s servers to carry out hacks on Azima and assisted in publishing the stolen data online.
Azima alleges that Del Rosso, the North Carolina-based private investigator, directed CyberRoot to send “spear-phishing” emails to Azima in order to gain access to his email and online accounts. The suit alleges that Del Rosso was hired by law firm Dechert LLP partner Neil Gerrard, which was representing the investment authority in its dispute with Azima. Gerrard didn’t respond to a request for comment.
In his lawsuit, Azima describes an alleged web of law firms, private investigators and hackers in India. Such tangled relationships are common in hacking for hire schemes, according to cybersecurity experts, because intermediaries can be used to obfuscate who may be ultimately responsible for a hacking attempt and make it difficult for investigators to peel back the layers to the ultimate source.
An archive of Azima’s emails were published online in August 2016. Following the publication of his emails, the Ras Al Khaimah Investment Authority launched a £3.7 million fraud case against Azima in the U.K. as part of its dispute over the hotel in Georgia. In June, the U.K. High Court ruled against Azima, ordering to pay more than $4 million in damages. Azima was granted the opportunity to appeal an aspect of the case, concerning the investment authority’s culpability in the alleged hacking.
Azima, in the new lawsuit, suit alleges that Dechert LLP paid Del Rosso more than $1 million for his work, and that Del Rosso paid more than $1 million to CyberRoot. A representative for Azima wasn’t able to immediately clarify how they had determined the amount of money exchanged between Dechert, Del Rosso and CyberRoot or explain how they had traced the alleged hack back to the Indian firms.
The case is Azima v. Del Rosso, 20-cv-954, U.S. District Court, Middle District of North Carolina. –Bloomberg