.png "back to home page")
"Targets in the hacking campaign were American nonprofit groups that had been battling publicly with @exxonmobil for years over whether the oil company engaged in an effort to mislead the public about climate science, which the company has denied."https://t.co/idRpQOb50x
— Dr. Genevieve Guenther (@DoctorVive) June 9, 2020
The depth of reporting and investigation that @citizenlab has conducted here is astounding and the attribution is solid too.
— Sean Kerner (@TechJournalist) June 9, 2020
"With high confidence, we link Dark Basin to BellTroX InfoTech Services (“BellTroX”), an India-based technology company." https://t.co/39pW3iTQ8V
BREAKING: environmentalists including @Greenpeace, @350.org and Rockefeller Family Fund targeted in large #hacking operation linked to @ExxonMobil
— Jasper Teulings (@Patagorda) June 9, 2020
“We determined that hiring hackers may be a relatively common practice for many private investigators,” https://t.co/tR9EwXzuio
This piece doesn't name BellTroX but it should be read together with ours. It has disturbing details about the targeting of green groups who crossed swords with Exxon.https://t.co/mKFkqdkaLl
— Raphael Satter (@razhael) June 9, 2020
FBI investigating phishing emails sent to green groups.
— Steve Milloy (@JunkScience) June 9, 2020
Is it too late for the FBI to look into @PeterGleick's email shenanigans against the @HeartlandInst?
Gleick criminal referral: https://t.co/MiRCeAM24o
https://t.co/QWbbouwwxG
Great investigation by @Reuters, @citizenlab, and many others into a huge hackers-for-hire operation out of India. Outsourcing these services through PIs & lawyers creates layers of obscurity and deniability, shielding the end client - who were the employers contracting BellTroX? https://t.co/rODGY1iamZ
— Saher Naumaan (@saffronsec) June 9, 2020
Just published - Reuters says we (MW) were targeted for hacking by clients of BellTroX, an Indian hacking for hire firm. Perhaps coincidentally, FT just published a story naming Wirecard $WDI.GY as a BellTroX hacking client 1/ cc: @_MarkusBraun https://t.co/ta2pGqIFZO
— MuddyWatersResearch (@muddywatersre) June 9, 2020
Shocked...SHOCKED, that entrenched fossil fuel interests would engage in such illegal behavior!
— Michael E. Mann (@MichaelEMann) June 9, 2020
(not: https://t.co/ukFaw3lwU2)https://t.co/N48dskHOya
Wait, what?
— Murray Hunter ? (@muzhunter) June 9, 2020
South African judges among those targeted for spying by an "obscure cyber firm" in India: https://t.co/RNmIlMvnot pic.twitter.com/M5hiJn4VJJ
4. EXHIBIT A.1: American environmental orgs doing the #ExxonKnew campaign. (which said @exxonmobil hid information about climate change for decades). A private email from targets was “leaked” and used in critical coverage. NYT has the full story: https://t.co/lrO34fy2FV pic.twitter.com/GQrA41t22t
— John Scott-Railton (@jsrailton) June 9, 2020
NEW REPORT: Dark Basin: Uncovering a Massive Hack-For-Hire Operation https://t.co/p1PAJJCos5
— Citizen Lab (@citizenlab) June 9, 2020
More evidence that toxic commercial hacking services need to be cracked down on. The accountability gap must be closed now! > Incredible work by @citizenlab once again. Hackers for hire target tens of thousands including parliamentarians and lawyers ↘️ https://t.co/v5AB8wVrEz
— Marietje Schaake ?? (@MarietjeSchaake) June 9, 2020
The scope and scale of the hacking is like nothing I've ever seen before.
— Raphael Satter (@razhael) June 9, 2020
Researchers at @citizenlab - who have a report out today - have a write-up that gets into extraordinary detail about what this group did ... and how they were caught in the act:https://t.co/yUszvQyCgE
“Because the shorteners created URLs with sequential shortcodes, we were able to enumerate them and identify almost 28,000 additional URLs...” It’s small mistakes like this that blow your stuff up... https://t.co/hi9HTfr2Sf
— Hal Pomeranz (@hal_pomeranz) June 9, 2020
Federal prosecutors in Manhattan are investigating a global hacker-for-hire operation that sent phishing emails to environmental groups, journalists and others, according to people briefed on the inquiry https://t.co/jdh9heqb4O
— The New York Times (@nytimes) June 9, 2020
Breaking — New report from @citizenlab uncovering Dark Basin, a hack-for-hire group that has targeted thousands of individuals on six continents. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries. https://t.co/tT0cjxmmjz
— lex gill (@lex_is) June 9, 2020
NEW: @Reuters reveals for the first time the the hacking-for-hire firm that was paid to attack my organization @fightfortheftr and allied groups like @freepress at the height of the #netneutrality fight in 2017. https://t.co/UZ6IZWsNxT
— Evan Greer (@evan_greer) June 9, 2020
Reuters: A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.https://t.co/eMlV5fvMtb
— Donie O'Sullivan (@donie) June 9, 2020
NEW: Little-known Indian cyber firm BellTroX InfoTech Services has been acting as an international hacking shop, helping clients spy on at least 10,000 email accounts belonging to politicians, investors, journalists and activists worldwide https://t.co/sm42wvWtGp
— Jack Stubbs (@jc_stubbs) June 9, 2020
Researchers at @citizenlab have also spent more than 2 years tracking this activity and say they have high confidence that BellTroX employees were behind the campaign. Per @jsrailton: "This is one of the largest spy-for-hire operations ever exposed.” https://t.co/8S7LXSnEcA
— Jack Stubbs (@jc_stubbs) June 9, 2020
For background, see this detailed report by @citizenlab @jsrailton: https://t.co/ZMhoQ0tksx — Belltrox is a name you’ve never heard. But they’re an important key ? to solving potentially thousands of targeted hacks. We know they work for private investigators and intel firms. https://t.co/ZmHhKYp8e3
— Chris Bing (@Bing_Chris) June 9, 2020
More targets: judges in South Africa, politicians in Mexico during the 2018 election, and lawyers in Paris. https://t.co/mXZfIK27Te pic.twitter.com/vhujfCEAOg
— Chris Bing (@Bing_Chris) June 9, 2020
“I didn’t help them access anything, I just helped them with downloading the mails and they provided me all the details," said Sumit Gupta
— pankaj mishra (@pankajontech) June 9, 2020
BellTroX’s Gupta was charged in a 2015 hacking case in which two U.S. private investigators admitted to paying him to hack the accounts
Over the past decade, an obscure Indian IT firm has quietly turned itself into an international hacking shop - helping a mysterious set of clients target upwards of 10,000 VIP email accounts worldwide.https://t.co/PaYhNIyLVZ
— Raphael Satter (@razhael) June 9, 2020
10. What BellTroX lacks in sophistication they make up for by being persistent. Some customers probably give them detailed dossiers to make convincing phishing. Also, they gave a hilarious cover story when @razhael @Bing_Chris @jc_stubbs called em up https://t.co/kSQk8WosxI pic.twitter.com/xuAPBbvIVv
— John Scott-Railton (@jsrailton) June 9, 2020
Congratulations to @citizenlab for the work on 'Dark Basin' work - Uncovering a Massive Hack-For-Hire Operation. We worked tirelessly through 2017 and presented our evidence to law enforcement in 2017 https://t.co/w6ExGfZPKj See below emails to UK law enforcement @Wirecard https://t.co/0q1i0M9rXb pic.twitter.com/gEZTJF4Zsr
— Fraser Perring - Grand Poobah of “criminal” shorts (@AIMhonesty) June 9, 2020
Very eager to see who (if anyone) DOJ charges after *someone* for hired this group to hack climate nonprofits (and plenty others).https://t.co/lZuiX112zP
— Kevin Collier (@kevincollier) June 9, 2020
New: Federal prosecutors in Manhattan are investigating a sprawling hacker-for-hire operation that targeted the email accounts of journalists, government officials, environmental groups and more.
— Nicole Hong (@nicole_hong) June 9, 2020
w/@barrymeier @ronenbergman https://t.co/QItv7flpWJ
Indian cyber firm, BellTroX InfoTech Services, spied on politicians in Europe, gambling tycoons in the Bahamas, and well-known investors in the US including private equity giant KKR and short seller Muddy Watershttps://t.co/1wY4PwLvI8
— pankaj mishra (@pankajontech) June 9, 2020
Dark Basin: Uncovering a massive hack-for-hire operation that targeted thousands of individuals and hundreds of institutions on six continents https://t.co/mSnqyNNmW7 pic.twitter.com/j4FdmalEdX
— Graham Cluley (@gcluley) June 9, 2020
Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years #cybersecurity #dataprotection #cyberthreats #hackers #cybercrime #darkweb #BEC #privacy #databreaches #cyberattacks #cybercriminals #cybersec #infosec #ThreatIntelhttps://t.co/gT5dOy2S9L
— Jiniba (@JinibaBD) June 9, 2020
Vast hack-for-hire scheme against activists, corporate targets tied to Indian IT firm https://t.co/zwYQ2PZDKc via @jeffstone500 & @citizenlab, w/ a hat tip to our friends at @Reuters
— Sean Lyngaas (@snlyngaas) June 9, 2020
Vast hack-for-hire scheme against activists, corporate targets tied to Indian IT firm https://t.co/OmgBCqAkul
— profdeibert (@RonDeibert) June 9, 2020
1. MAJOR REPORT: We're outing a massive hack-for-hire operation @citizenlab. We're attributing them to to BellTroX, an Indian company. Join me on a wild THREAD about mercenary hacking.https://t.co/8Q9Uk5FmW7 pic.twitter.com/kKAnkb3fje
— John Scott-Railton (@jsrailton) June 9, 2020
Dark Basin a hack-for-hire organization that has targeted thousands of individuals and organizations on six continents. Great work @citizenlab !#hacking #cyberattacks https://t.co/t4DnyDs0yK
— Eduardo Izycki (@Dudarthur) June 9, 2020
Citizen Lab researchers disclose huge hack-for-hire operation targeting thousands of people from govt, business, & media across six continents.
— Eric Geller (@ericgeller) June 9, 2020
The campaign, linked to an Indian IT firm, "extensively targeted" U.S. nonprofits like anti-Exxon activists.https://t.co/7FSvw6phnA
NEW REPORT: "Dark Basin: Uncovering a Massive Hack-For-Hire Operation" by @citizenlab: https://t.co/OHz5HXYGVH @jsrailton @CyberClues @insyria @sienaanstis
— profdeibert (@RonDeibert) June 9, 2020
For years, researchers have tracked a group of hackers-for-hire that targeted US-based Net Neutrality and anti-Exxon campaigners. Now @citizenlab has identified the cybermercenaries behind these "Dark Basin" attacks: @BellTrox, a New Delhi company.https://t.co/YTXFGPyBpU
— Cory Doctorow #BLM (@doctorow) June 9, 2020
1/ pic.twitter.com/rfzDudVknP
Unhappy to have been a target for 2 yrs+, but happy to have helped these legit geniuses @citizenlab nail these turds
— Roddy Boyd (@RodBoydILM) June 9, 2020
CC: @jsrailtonhttps://t.co/A4HMCnv1Mc
Indian cyber firm BellTroX sent tens of thousands of malicious messages to get people to reveal passwords. The owner assures it was just "technical support" @jc_stubbs @razhael @Bing_Chris | Obscure Indian cyber firm spied on politicians, investors https://t.co/JKpIYwKqLm
— Brian Ellsworth (@brianpablo10) June 9, 2020
Exclusive: Obscure Indian cyber firm spied on politicians, investors worldwide https://t.co/cpHfwllsSF
— Christopher Parsons (@caparsons) June 9, 2020
Federal prosecutors in Manhattan are investigating a global hacker-for-hire operation that sent phishing emails to environmental groups, journalists and others looking into #Exxon. https://t.co/aJg2SwHjRq @sejorg @spj_tweets @amywestervelt @BenFranta @RBrulle
— Paul D. Thacker (@thackerpd) June 9, 2020
A bunch of info just dropped on a hackers-for-hire operation run out of India:
— Avi Asher-Schapiro (@AASchapiro) June 9, 2020
Still lots of question, such as: who paid these hackers to target critics of Exxon Mobil?
CitizenLab:https://t.co/Jd9k3fd4Cz
Reuters:https://t.co/WEL3eKhR0W
New York Times:https://t.co/4gtHfUaQdS
Environmentalists Targeted Exxon Mobil. Then Hackers Targeted Them.
— Adam Klasfeld (@KlasfeldReports) June 9, 2020
"Federal prosecutors in Manhattan are investigating a global hacker-for-hire operation that sent phishing emails to environmental groups, journalists and others." via NYThttps://t.co/81ny5mMr0i
Environmentalists leading effort to have ExxonMobil prosecuted for concealing climate change risk, a potential existential challenge to the company, became the target of a sophisticated hacking campaign, anonymous attackers impersonated their colleagues https://t.co/1Aw0NHBZXC
— Lee Fang (@lhfang) June 9, 2020
Shocked...SHOCKED, that entrenched fossil fuel interests would engage in such illegal behavior!
— Michael E. Mann (@MichaelEMann) June 9, 2020
(not: https://t.co/ukFaw3lwU2)https://t.co/N48dskHOya
Well, that explains a few odd things... Standing up to big oil has never been easy, but I'm awfully proud of the people who have been willing to try.
— Bill McKibben (@billmckibben) June 9, 2020
@leehwasserman https://t.co/eDI1HIJpac
A hack-for-hire group called Dark Basin has been outed after targeting thousands of individuals and organizations worldwide: https://t.co/wFAWVEPLKo
— Adam Levin (@Adam_K_Levin) June 9, 2020
My deepest thanks to the members of @citizenlab, who following years of dedication and tireless work have today begun to uncover a massive Hack-For-Hire Operation, which I have been subject to for over three years.https://t.co/lRPJCQJBIN 1/4
— Matthew Earl (@Lordshipstrade) June 9, 2020
Obscure Indian cyber firm spied on politicians, investors worldwide. "This is one of the largest spy-for-hire operations ever exposed," said Citizen Lab researcher John Scott-Railton. https://t.co/nCIAzG4Fby
— Bijay Limbu Senihang ™ (@bijaysenihang) June 10, 2020
Dark Basin, hack-for-hire group linked to Indian company, BellTroX InfoTech Services, targeted thousands of individuals and hundreds of institutions on 6 continents. Targets include advocacy groups, journalists, elected, senior government officials... https://t.co/wdpMP275QK
— Erin Gallagher (@3r1nG) June 10, 2020
Fascinating. A multi-year investigation by @citizenlab into a Delhi-based hack-for-hire firm that apparently targeted a variety of individuals/organizations. Security, or breaking it, is a multi-billion dollar industry indeed! https://t.co/RLgpQSNveJ pic.twitter.com/wTSjyZjQGb
— Subrahmanyam KVJ (@SuB8u) June 9, 2020
Details have emerged on one of the hacker-for-hire companies operating out of India, the ones recently referenced in Google TAG's quarterly report
— Catalin Cimpanu (@campuscodi) June 9, 2020
Here: https://t.co/3M8D9Q9R5X
and here: https://t.co/jEBOD1cnoA https://t.co/nLbRZIQBwt
An obscure Indian firm provided #hacking services to help spy on 10K+ email accounts over seven years, in one of the largest spy-for-hire operations ever exposed https://t.co/gOnoXfNbZF #security #cybersecurity
— Abhilash Annadurai (@abhilash_171) June 10, 2020
Evan Greer, deputy director of Fight for the Future, said: “When corporations and politicians can hire digital mercenaries to target civil society advocates, it undermines our democratic process.” https://t.co/6GOrFUjux4 #infosec @fightfortheftr
— Matthew Rimmer (@DrRimmer) June 9, 2020
When you fight greedy corporations and powerful politicians trying to take away people's basic rights int he digital age, you're bound to make some enemies. https://t.co/szR3ZQOjQN
— Fight for the Future (@fightfortheftr) June 9, 2020
Want to help us keep us going as a thorn in the side of evil doers? https://t.co/DgBZfkAeWe pic.twitter.com/kmqN1PY5lN
In 2017, my activist organization @fightfortheftr was targeted by the hacking-for-hire firm covered today in Reuters. Since Zbay (my new project) is partly inspired by this experience, I thought I'd share some thoughts here...https://t.co/ULHEdeOE7Z
— Zbay (@ZbayApp) June 9, 2020
"Aspects of BellTroX’s hacking spree aimed at American targets are currently under investigation by U.S. law enforcement, five people familiar with the matter told Reuters." https://t.co/T4orZh1HGr
— Scott Stedman (@ScottMStedman) June 9, 2020
It's a surreal experience to be the target of a sophisticated phishing operation.
— Evan Greer (@evan_greer) June 9, 2020
even more surreal to have the firm that targeted you exposed years later.
more surreal still to know an ISP very likely paid for it, but that might be impossible to prove https://t.co/STu5WDTXNO
Obscure cyber firm spied on politicians, investors worldwide: firm provided hacking services to help spy on 10K+ email accounts over seven years, in one of the largest spy-for-hire operations ever exposed #CyberSecurity #hackers #infosec https://t.co/T6Wj35135p
— Evan Kirstel #RemoteWork (@evankirstel) June 9, 2020
Federal prosecutors are investigating a global hacker-for-hire operation that sent phishing emails to environmental groups who targeted ExxonMobil — and also journalists, seemingly in an effort to reveal their sources. Huge story. https://t.co/k4Rxx8rvQO
— Sammy Roth (@Sammy_Roth) June 10, 2020
Environmentalists Targeted Exxon Mobil. Then Hackers Targeted Them. https://t.co/c4z2twlvpi #cybersecurity #cyberattacks #CorporatePredator
— Cynthia Gaffney (@cgaf99) June 10, 2020
Climate advocates working on the #ExxonKnew campaign faced a series of sophisticated hacking attempts in an effort to subvert their work to hold fossil fuel companies accountable for our climate crisis. Who would have done such a thing? h/t @leehwasserman https://t.co/ftrwotMnab
— Leah Stokes (@leahstokes) June 9, 2020
People & organizations investigating @exxonmobil's climate deceptions - including @Greenpeace, @ClimateWatchdog & @RockBrosFund - are being hacked.
— Ben Franta (@BenFranta) June 9, 2020
Wonder who's paying for it? ?https://t.co/wrioTeASpY