New Delhi: In a startling revelation, a New Delhi-based technology company, BellTroX InfoTech Services, has been linked to a massive ‘hack-for-hire’ operation that targeted thousands of individuals and organisations in six continents, including senior politicians, government prosecutors, CEOs, journalists and human rights defenders. Also Read - Two Pakistan High Commission Officials Caught in Delhi For Spying, to Leave India Within 24 Hours

Named ‘Dark Basin’ by Citizen Lab, a laboratory-based at the Munk School of Global Affairs and Public Policy of the University of Toronto, the organisation offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.

BellTroX targeted government officials in Europe and well-known investors in the US.

The ‘hack-for-hire’ organisation extensively targeted American nonprofits, including organisations working on a campaign called #ExxonKnew, which asserted that ExxonMobil hid information about climate change for decades.

“With high confidence, we link Dark Basin to BellTroX InfoTech Services (BellTroX), an India-based technology company, and related entities,” Citizen Lab said in a detailed statement on Tuesday.

“We also identify Dark Basin as the group behind the phishing of organisations working on net neutrality advocacy, previously reported by the Electronic Frontier Foundation,” it added.

To recall, BellTroX’s director, Sumit Gupta, was indicted in California in 2015 for his role in a similar hack-for-hire scheme.

Some of the targeted organisations are Rockefeller Family Fund, Climate Investigations Center, Greenpeace, Center for International Environmental Law, Oil Change International, Public Citizen, Conservation Law Foundation, Union of Concerned Scientists and several others.

“Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy,” said Citizen Lab.

The investigation found that some “high value” targets were sent more than 100 phishing attempts with very diverse content. The investigators were able to identify almost 28,000 additional URLs containing email addresses of the targets.

“We used open source intelligence techniques to identify hundreds of targeted individuals and organisations. We later contacted a substantial fraction of them, assembling a global picture of Dark Basin’s targeting,” said the researchers.

Dark Basin’s targets were often on only one side of a contested legal proceeding, advocacy issue, or business deal.

“Dark Basin has targeted dozens of journalists in multiple countries. Citizen Lab has notified and worked with some of these journalists over the past three years to assist them in investigating this case,” said the report.

Several of Dark Basin’s URL shortening services had names associated with India: Holi, Rongali and Pochanchi (likely a transliteration of the Bengali word for ‘fifty-five’).

The researchers were able to identify several BellTroX employees, whose activities overlapped with Dark Basin because they used personal documents, including a CV, as bait content when testing their URL shorteners.