security

Many BellTroxes: Delhi is now India hacker hub

Findings by the Citizen Lab, a Toronto University-based internet watchdog, on Indian outfit BellTroX’s “hacking for hire” operations came as no surprise to India’s growing ethical hacker community.

New Delhi today has emerged as an important hub in the Indian hacker story. A simple Google search for hackers in Delhi would throw up at least 100, if not more, privately-owned “technical” ethical-hacking institutes, which offer everything from training a school or college dropout to become a hacker to certifying him or her, as per global standards.

“Koi bhi hacker ban sakta hai…,” (anyone can be a hacker) says an owner of an “ethical hacking institute” in East Delhi. He didn’t want to be named, neither did many other hackers ET spoke to.

“We don’t look for qualifications,” he adds. “It’s growing in Delhi, and it’s growing in India.” Another ethical hacker told ET that some illegal hackers in West Delhi had been gaining notoriety for their activities.

“In Delhi, you will find ethical hackers and a lot of hackers chasing bug bounty programs,” the hacker said. Some come through the grind, dropping out of schools or colleges to get their certifications for between Rs 60,000 to Rs 100,000 from institutes.

But that’s on the good side, with a vast majority of these hackers and hackers-to-be donning their white hats. But, with the same skillset, hackers can perform illegal operations ranging from blackmails to phishing to hacking into devices, launching ransomware attacks etc.

Many BellTroxes: Delhi is now India’s hacker hub. This is what’s referred to colloquially as HaaS or “hacker as a service”. The motives range from revenge (especially in divorce cases), destroying reputations (of business rivals, for example), and surveillance.

Payment is taken in bitcoins. “Bitcoins are internationally accepted and can’t be traced. It is very common in the illegal hacking space,” says the ethical hacking institute owner.

On June 10, the going rate on the dark web for merely hacking into a social media account was valued at 0.0236 bitcoin, or Rs 20,000. Similarly, hacking a web server (a virtual private network or VPN/hosting) was pegged at 0.0359 bitcoins. VPN, increasingly used as employees work from homes (and not the secure environment of offices), is a boon to unethical hackers.

Saket Modi, co-founder & CEO, Lucideus, a digital security company says, “There are forums that people can go to, to look for someone who can hack. And there are people who are tapping into those providing HaaS services.” Lucideus is a digital security company whose clients include NPCI, ICICI Bank, Pizza Hut, and the Delhi Airport.

Covid-19, predictably, is the flavour of the season, and lot of the attacks by hackers are masked as genuine Coronavirus-related information, feeding into people’s pre-existing anxieties and fears.

According to IBM X-Force, IBM’s threat intelligence group, since March 11, when Covid-19 was declared a pandemic by the WHO, there has been a 6,000% increase in Covid-19 related spam. They are mainly in the area of phishing emails, malware, and spam.

Some of these campaigns target small businesses that are looking for government relief. There are also reports of extortion cases where families are threatened with infection if the recipient fails to pay the ransom.

Faisal Kawoosa, founder, techArc says, “Hackers also offer corporate intelligence….often using proxies so that their physical address is difficult to find..”

Courtesy: ET tech

Follow us on Facebook, Twitter, LinkedIn.

Leave a Reply

Your email address will not be published. Required fields are marked *

*