Infiltration coverage to Indian hackers who actively carry out various 'hacking' from cheating investigation to removal of bad reputation of politicians



The non-profit journalism organization '

The Bureau of Investigative Journalism (TBIJ) ' and the British media ' The Sunday Times ' cooperated to conduct an undercover interview with a veteran hacker in India.

Exposed: the global hacking network that targets VIPs | News | The Sunday Times
https://www.thetimes.co.uk/article/exposed-the-global-hacking-network-that-targets-vips-nff67j67z

Inside the global hack-for-hire industry — The Bureau of Investigative Journalism (en-GB)
https://www.thebureauinvestigates.com/stories/2022-11-05/inside-the-global-hack-for-hire-industry

Because hacking is illegal, the hacker industry is highly secretive and information about illegal activity is rarely leaked. So, two reporters start an undercover investigation to hear from the hackers. He set up a fake corporate research firm called Beaufort Intelligence and contacted the hackers by pretending to be a recently retired British intelligence officer.

The reason why I pretended to be an intelligence officer was that the reporters were grasping the fact that ``British intelligence officers are actively hiring hackers.'' When the reporters sent a message to a suspected hacker in India, saying, ``We are looking for a cyber investigator who will cooperate in gathering information on our customer's target,'' he was caught and actually met face-to-face. It seems that we are going to talk.

The first hacker to reply was a man calling himself 'Mahendra Singh'. The man's LinkedIn profile page said that skills such as `` Android hacking '', `` mobile phone monitoring '', `` email tracking / intrusion '' were posted magnificently.

Singh, who contacted the reporter at the hotel `` Leela Palace '' in the suburbs of Delhi, India, first admits that he is using a pseudonym and reveals that he is actually named Tej Singh Rathor. After this, he began confessing about the many hacks he had done.



First, Ratall explained how he became a hacker. While studying Information Technology at the Rajasthan Institute of Technology in Kota, India, Mr. Rathor turned to the 'Ethical Hacking' course. Mr. Rathor said, 'I changed because I recognized that it was an emerging industry.' After graduating at the top of his class in 2014, Mr. Rathor got a job at a cybersecurity company based in Amritsar, a city in northwestern India, where his boss told him a secret.

Mr. Rathor's boss said, 'Computer' offensive work 'is much better paid than' defensive work 'to protect the system.' So, Mr. Rathor will go independent and sell his hacking technology to the company's information system department on LinkedIn. As a result, Mr. Latoll finds himself in a world of love tangles, corporate espionage, and even murder.

Mr. Rathor's first job is said to have been a woman working for a winemaker in New Jersey, USA. The winemaker said he wanted Mr. Rathor to hack her husband's email and check her husband's financial situation before divorcing.

Especially profitable was a request from a Belgian equestrian to 'hack a wealthy stableman in Germany.' ``We charged a Belgian client $20,000 for breaking into just one email account,'' Rathor recalled.

Mr. Latour was also involved in a murder that took place in Canada. In December 2017, billionaire Barry Sherman and his wife Honey Sherman were found dead next to the indoor pool of their Toronto home, with leather belts strangling them. It turns out that

Shortly after the incident, Mr. Rathor was contacted by a private investigator and asked to hack the dead Mr. Barry's email account. Although this hacking failed, Mr. Barry's cousin Kelly Winter was also asked to hack. Mr. Rathor, who received a request and revealed personal information about Mr. Winter and his family, was told by a private investigator that he was ``very impressed''.

Ultimately, it's unclear who the private investigator was commissioned to work for, but Ratall believes the ultimate client was one of the suspects in the case. that's right. This murder case has not been solved even at the time of writing the article.



Mr. Rathor also undertook the task of managing the reputation of politicians. In early 2021, Mr Ratall was paid £1,500 a month to bury an embarrassing article on a political blog by a London-based corporate intelligence firm working for former Conservative MP Matthew Gordon Banks in England. (about 250,000 yen) was handed over.

In order to erase this article from Google's ranking, Mr. Rathor posted positive content about politicians for a month. At one point, this job seemed to have disappeared from the rankings and seemed to succeed, but the article in question seems to come out as soon as you search for the name of the lawmaker. When asked by TBIJ about the facts, Mr. Gordon Banks said, ``I have never heard of the name Latoll,'' and denied that he used the services of a reputation management company.



Within a few years Mr. Rathor's hacking business had become a huge success. After building relationships with companies in North America, Hong Kong, Romania, Belgium and Switzerland, Rathor's next move was to enter the lucrative UK market for hacking.

``British companies have been hiring Indian hackers for more than a decade, most of them customers of Apin and BellTroX, the two largest companies in the hacking industry,'' Rathor argues.

Using the Indian underworld to compromise email accounts and smartphones has been a widespread practice for years, targeting British businesses, journalists and politicians, according to research by TBIJ and The Sunday Times. It seems that

evidence has also been found that illegal computer hacking is being done throughout London. Not only is India lax in enforcing computer misuse rules, but committing crimes in a distant country with a different jurisdiction can greatly reduce the risk of hackers being caught and prosecuted. It is said that he was attractive.

Asking hackers from other countries to hack from the UK is illegal and a crime punishable by imprisonment for up to 10 years. There is a similar law in India, and if you illegally access a computer, you will be sentenced to imprisonment for up to three years. However, the hackers are not afraid of being caught, and one person laughed and said, 'Has an Indian hacker been caught? There is no one.'



What was revealed in the investigation was that there are cases where security companies are ostensibly training righteous hackers called 'white hats' and are actually using them for evil.

One of the founders of such industry, Apin, is a company founded in Delhi over ten years ago. Apin was intended to train a new generation of 'ethical' hackers and protect individuals and businesses from cyberattacks, but the company is known for taking cash from customers around the world and hacking individuals. It is said that he secretly established a profitable side business. It is said that the customer included an information agency within a company based in the UK, but the company has disappeared at the time of writing the article, and the details are unknown.

At the forefront of the illicit industry, Apin went out of business in 2013 after hacking allegations were exposed by Norwegian cybersecurity experts. However, it seems that former employees trained at Apin are scattered like seeds and are launching new companies in various places.

One of Apin's successors is a company called BellTroX, which has become an important new player in the hacking industry. BellTroX has released evidence of hacking the email accounts of more than 10,000 British lawyers, government officials, judges, environmental groups, etc. It is said

In addition, the company's director and former Apin employee, Sumit Gupta, was placed on the US Department of Justice's wanted list after it was discovered that he was involved in a large-scale hacking operation with two US private investigators. I'm here.



Another hacker who responded to the reporter's call, Mr. Utkarsh Bhargava, is also active in India. Bhargava launched a series of cyberattacks against the governments of Turkey, Pakistan, Egypt and Cambodia at the behest of the Indian state, and analyzed the source code of the spyware ' Pegasus ' used in numerous hacks, and attacked various people. I said that I was hacking into. When the reporter who was given the code that was actually analyzed confirmed with a security expert, it seems that it was confirmed that it was indeed Pegasus. This code seems to be able to take measures such as constantly monitoring the position of the target.

Bhargava seemed confident that he would never be prosecuted for illegal activity, and when asked about the enforcement of the Computer Misuse Act in India, he said, ``Nobody is going to do it. The enforcers are the police, not IT professionals, so I can't understand this kind of thing.'

TBIJ said, “We contacted and secretly filmed a series of Indian hackers who openly talked about illegal jobs and the pernicious effects of the underground industry in the UK. All too often, people who think they are good people are actually bad people.'

in Software,   Web Service,   Security, Posted by log1p_kr