Sumit Gupta, formerly accused of a hack-for-hire scheme in California in 2015, is the owner of the Delhi-based company BellTroX. The Indian IT firm is a global hackers-for-hire service platform that has targeted thousands of high-profile individuals and organizations.
The University of Toronto’s Citizen Lab states that BellTroX, dubbed “Dark Basin”, has targeted several advocacy groups, senior politicians, government officials, CEOs, journalists, and human rights defenders. NortonLifeLock also conducted a parallel investigation into Dark Basin’s operations, dubbed “Mercenary.Amanda”.
The University of Toronto-based Citizen Lab affirmed, “With high confidence, we link Dark Basin to Belltrox Infotech Services, an India-based technology company.” BellTroX was promoted as a platform for “Ethical Hacking” services.
Citizen Lab reported the Rockefeller Family Fund, Climate Investigations Center, Greenpeace, Center for International Environmental Law, Oil Change International, Public Citizen, Conservation Law Foundation, Union of Concerned Scientists, M+R Strategic Services and 350.org as some of the targeted organizations.
The research states that the attacks used a URL shortener to disguise about 28,000 phishing links that contained the targets’ email addresses. Although state sponsorship was initially suspected, the group does not operate as a state-sponsored actor and instead conducts commercial cyberespionage.
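
The pattern described above (a shortened link whose destination carries the recipient's own email address) can serve as a mail-gateway detection signal. The following is an added example, not code from the article or from Citizen Lab. It assumes the gateway has already resolved each shortened link, and the shortener host, the sample records and the three encodings checked are constructed for illustration, since the article does not say how the addresses were embedded.

```python
import base64
import re
from urllib.parse import unquote, urlsplit

# Assumption: shortener hosts your mail gateway watches (placeholder value).
SHORTENER_HOSTS = {"short.example"}

def recipient_in_link(recipient, url):
    """Return how the recipient address is embedded in url, or None."""
    needle = recipient.lower()
    if needle in url.lower():
        return "plain"
    if needle in unquote(url).lower():
        return "percent-encoded"
    # Try URL-safe base64 tokens (path segments or parameter values).
    for token in re.findall(r"[A-Za-z0-9_-]{12,}", url):
        padded = token + "=" * (-len(token) % 4)
        try:
            decoded = base64.urlsafe_b64decode(padded).decode("utf-8", "ignore")
        except ValueError:
            continue
        if needle in decoded.lower():
            return "base64"
    return None

def flag_records(records):
    """Flag shortened links whose resolved destination names the recipient."""
    hits = []
    for recipient, link, resolved in records:
        if urlsplit(link).hostname not in SHORTENER_HOSTS:
            continue
        how = recipient_in_link(recipient, resolved)
        if how:
            hits.append((recipient, link, how))
    return hits

# Constructed sample records: (recipient, link in mail, resolved destination).
_B64 = base64.urlsafe_b64encode(b"target@victim.example").decode()
SAMPLE = [
    ("target@victim.example", "https://short.example/a1",
     "https://login.phish.example/auth?u=target%40victim.example"),
    ("target@victim.example", "https://short.example/b2",
     "https://portal.phish.example/s/" + _B64),
    ("user@corp.example", "https://short.example/c3",
     "https://news.example/article?id=12345"),
    ("user@corp.example", "https://mail.vendor.example/unsub?e=user@corp.example",
     "https://mail.vendor.example/unsub?e=user@corp.example"),
]

if __name__ == "__main__":
    for hit in flag_records(SAMPLE):
        print(hit)
```

Requiring both signals (a shortener host and a recipient-tagged destination) keeps ordinary unsubscribe links, like the last sample record, out of the results.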