The Sunday Times and the Bureau of Investigative Journalism stated that an Indian cyber gang, known as a “hack-for-hire” businesses, work all across India and hack into the emails and phones of VIPs and governments for a price.
Further investigation exposed many Indian hackers executing orders for for rich British attorneys and British investigators working for dictatorial states in order to compromise the private email accounts and communications of over 100 victims.
An Indian cyber gang with apparent links to the City of London targeted more than 100 VIPs, including the BBC’s Chris Mason, the former chancellor Philip Hammond, and football legend Michel Platini.
The Sunday Times investigation was based on papers that were leaked and undercover work done in India earlier this year by journalists posing as former MI6 operatives. They claimed that one group “seized access of computers” belonging to Pakistani lawmakers, generals, and diplomats and spied on their private communications “probably at the direction of the Indian secret services.”
Attacks by Indian cyber gang against VIPs
There was a lot of work uncovered by the Sunday Times investigation based on the stolen papers and undercover operations in India.
Three weeks after being appointed as the Corporation’s political editor, Mr. Mason allegedly came under attack in May. Conversely, Mr. Hammond allegedly came under attack when Russian operatives allegedly used a Novichok nerve toxin to kill Sergei Skripal and his daughter in Salisbury in 2018.
Only a few days after meeting Boris Johnson and Liz Truss in Downing Street to discuss Russian sanctions, the Swiss president and his deputy came under attack.
The former president of European football, Michel Platini, was hacked just before he was scheduled to speak with French authorities about corruption charges involving this year’s World Cup.
Another well-known victim was reportedly Mark Fullbrook, the head of staff for Ms. Truss. While Indian cyber gang gained access to the email accounts of the executives of the Formula One racing teams, Otmar Szafnauer, the chief executive of the Aston Martin team, and Ruth Buscombe, a British who served as director of race planning for the Alfa Romeo team.
The group was directed to target a British-based tycoon who was fleeing President Putin by a private investigator hired by a London legal firm working for the Russian government.
Former cabinet minister David Davis claims:
It paints a grim picture of a network of criminal hacking that threatens justice and privacy here in the UK and across the world.
Who is behind these attacks?
The hacker group known as WhiteInt is operating out of a fourth-floor apartment in Gurugram, an Indian IT hub city. Its inventor is 31-year-old Aditya Jain, a cybersecurity expert on TV who works a day job at the Indian branch of British accounting company Deloitte.
Jain managed a network of hackers for seven years who were hired by British private detectives to use phishing methods to access their targets’ email inboxes. His team has used malicious software to control computer cameras and microphones, enabling them to see and hear their targets.
The Sunday Times contacted Jain and he told them:
I offer access to closed source information of email and computers of the PoI (person of interest) anywhere across the globe an average timeline is around 20 to 30 days.
When the team reached him last month, he said he didn’t know some of the persons mentioned on his database and denied hacking the others:
I can say clearly that I have not hacked, launched, or attempted to attack any of these people.
According to Jain, UK businesses have been using Indian hackers for more than ten years. One of them purportedly launched in Delhi more than a decade ago with the goal of educating a new generation of ethical hackers who could defend people and companies against cyberattacks.
Later, a copy of the top-secret database holding information on Jain’s customers and hacking targets was sent to The Sunday Times and the Bureau. The list includes British private investigators as one of its seven named customers.
The information shows that Rey gave Jain the order to hunt out Calvert on April 22, 2019. Only a few weeks before, Insight had published an article outlining the illegal $100 million “success fee” that Qatar had promised FIFA in exchange for the privilege to host the tournament.
The database includes a number of targets, including wealthy British attorneys and individuals like Boris Mints who engage in lawsuits before the London High Court. Ashok Hinduja and Robert Tchenguiz, two of the wealthiest families in the UK, as well as a Russian oligarch hiding in Britain who is on the run from the Russian government. Unverified evidence is not always ignored by British courts.
Jain’s team used malware to take control of his computers and similarly attacked the nation’s top generals as well as its embassies in Beijing, Shanghai, and Kathmandu. Pervez Musharraf, the nation’s former president, was the most well-known target regarding Pakistan.
Jain revealed last month that he had hacked into people’s accounts in the past but claimed that it had been years. He denied hacking the other individuals found on his database and said he did not know some of them.
He claimed:
I can say categorically that I have not hacked, launched or attempted to hack any of these people.
A Swiss-based investigator by the name of Jonas Rey strongly denied authorising hacking and said that the journalists had been given fake material to damage him.
Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.