An employee at Deloitte’s India office was found masterminding an international hacking ring targeting British businesses, government officials and journalists. The gang operated out of a residential apartment in Gurugram from India’s Delhi NCR region.
The discovery comes as part of a larger investigation done in partnership with the Sunday Times Insight Team and the Bureau of Investigative Journalism working in tandem. Undercover reporters posing as former MI6 agents now working as corporate investigators looking to hire India’s best hackers were sent to India to meet and expose these hackers.
Several of the hackers that the undercover journalists spoke to claimed to have used Pegasus, an Israeli software known to cause political turmoil in the country. The hackers reported being tasked with breaking into networks of different ministries in the Turkish, Pakistani, Egyptian, Cambodian and Canadian governments to steal data and hand it over.
Outside of being boastful for never getting caught, the hackers maintained an impressive list of hacked mailboxes. The exposed Deloitte staffer, identified as Aditya Jain, 31, ran a hacking company under the name WhiteInt and claimed to be able to access anyone’s inbox within 30 days.
Phishing is a rather common tactic for these Indian hackers and as they continue to find more employment opportunities for their ‘hack-for-hire’ schemes, their methods are only getting better. One of the hackers that the reporters interviewed even claimed that around 90% of private investigators use Indian hackers for such jobs.
Jain’s database of hacked accounts consisted of noted personalities including former Pakistan President Musharraf, ex-UEFA president Platini, Swiss President Ignazio Cassis, former UK Chancellor Phillip Hammond, BBC political editor Chris Mason and BMW co-owner Quandt among others.
The hackers were able to stay under the radar mostly due to India’s leniency when it comes to enforcing rules in terms of computer misuse and other cybersecurity offences, something that’s being taken quite seriously around the world, especially considering the rise in cybercrime following the COVID-19 pandemic.
This isn’t the first time the issue of Indian hackers targeting prominent personalities across the world has come to light either. Back in June this year an investigation by Reuters revealed a unique database of more than 80,000 emails sent by Indian hackers to 13,000 targets around the world between 2013 to 2020.