Illegal hacking operatives, dubbed “hack-for-hire” companies, are operating across India and infiltrate emails and phones of VIPs and states for a fee paid by private investigators around the world, an undercover investigation has claimed on Sunday.
‘The Sunday Times’ and Bureau of Investigative Journalism conducted a sting operation to expose several Indian hackers offering their services to hack into private email accounts and messages of victims on behalf of investigators working for autocratic states, British lawyers and their wealthy clients.
According to the investigation based on leaked documents and undercover work in India earlier this year, journalists posing as former MI6 agents turned private investigators claim that one gang “seized control of computers” owned by Pakistan’s politicians, generals and diplomats and eavesdropped on their private conversations “apparently at the behest of the Indian secret services”.
The hacking gang, which operates under the name WhiteInt, is run from a fourth-floor apartment in a suburb of the tech city Gurugram in Haryana. Its mastermind is a 31-year-old man – an occasional TV cybersecurity pundit who also holds down a day job at the Indian office of a British accountancy firm, according to the ‘Sunday Times’ report.
For seven years, he has run a network of computer hackers who have been hired by British private detectives to steal the email inboxes of their targets using ‘phishing’ techniques, it claims. Malicious software which takes control of computer cameras and microphones, and allows hackers to view and listen to their victims are some of the methods used in such hack-for-hire operations, which earns hackers anywhere between USD 3,000 and 20,000.
“I offer access to closed source information of email and computers of the PoI [person of interest] anywhere across the globe… an average timeline is around 20 to 30 days,” he was quoted as telling the undercover journalists. When approached last month by the team, he claimed he did not know some of the people named on his database and denied hacking the others listed: “I can say categorically that I have not hacked, launched or attempted to hack any of these people.”
Another operative contacted by the team was a 28-year-old computer specialist, who boasted of hacking more than 500 email accounts, mostly on behalf of his corporate intelligence clients. “The British and the whole world… are using Indian hackers,” he is quoted as saying in Delhi.
When approached for comment last month, he claimed he had only “hacked 100 times” and that he was “blowing my own trumpet”. He alleged that UK companies had been employing Indian hackers for more than a decade.
One of them was allegedly set up in Delhi more than a dozen years ago supposedly to train a new generation of “ethical” hackers who could help safeguard individuals and businesses from cyberattacks. However, the firm, now defunct, is alleged to have secretly established a lucrative sideline taking cash from clients around the world to hack individuals. These clients are said to have included corporate intelligence companies based in Britain, the Sunday Times reported.
The undercover investigation concludes that the use of the “Indian underworld to break into email accounts and smartphones has become a practice that has been proliferating for years”.
Investigators from the UK have been able to commission “hack-for-hire” firms with little fear that they will be prosecuted for breaking the country’s computer misuse laws. Several of the targets on the leaked database accessed by them include British lawyers and wealthy people involved in cases in London’s High Court, reportedly including a member of the UK’s richest Indian-origin Hinduja family, the Sunday Times report said.
(This report has been published as part of the auto-generated syndicate wire feed. Apart from the headline, no editing has been done in the copy by ABP Live.)