India’s hacking ecosystem has seen manifold growth over the past few years. And, today, there are thousands of hackers that are carrying out clandestine operations but have escaped the glare of cybersecurity experts. Recently, BellTrox InfoTech services, a little-known Delhi-based technology firm, which was at the centre of a hacking operation that targeted thousands of emails of high-profile people, had hogged the limelight.
Thousands of young people, mostly based in small indian towns, often self learn how to hack or break into systems, devices and networks to figure out ways to make easy money. “The BellTrox incident is not surprising. Several companies or individuals who provide services like social media management to their clients may be asked to do some kind of hacking The money is better in such work, but not everyone will agree to do it,” said rohit Srivastwa, a veteran of the cybersecurity industry who has recently published a book ‘My Data, My Privacy, My Choice.’
According to revelations by Canada-based Citizen Lab, and first reported by Reuters, the underlying technology Belltrox used to allegedly target “thousands of individuals and organisations on six continents, including senior politicians, government prosecutors, chief executive officers (CEOs), journalists, and human rights defenders is phishing.” Phishing attacks could either be in the form of an email from a trusted source asking for personal information such as passwords, bank details and personal details, or it could mimic an existing website or webpage and trick a user into entering confidential information on the page.
