BellTrox India Exposed: They are hackers for hire

July 8, 2020
belltrox india dark basin hacking group

After seven long years of doing their malicious acts, a group of cybersecurity experts was able to pin down the Dark Basin hacking group. Whitehat experts suspect that the Dark Basin group is a government-backed hacking organization. They were able to do their unethical deeds across the globe in six continents targeting high profiled individuals such as government officials, CEOs, journalists, human rights defenders, and collaboratively, non-profit organizations of advocacy groups.


The success of Dark Basin

Dark Basin activities include email perforation, profile exploitation, and cyber intelligence espionage. They are using this gathered information to attack targeted groups or individuals to heed on their client’s favor or hinder their targets’ advocacy.

With multi-years of investigation and help from different victims, cybersecurity experts headed by Citizen Lab and Norton LifeLock was able to unmask the perpetrators finally. The two cybersecurity teams have submitted and analyzed pieces of evidence. They were able to confirm that the Dark Basin hacking group is a company located in New Delhi India under the registered name – BellTroX. It is an IT firm that is headed by its CEO – Sumit Gupta, aka Sumit Vishnoi. Their report was also able to cross out the suspicion that a Nation-state backs them. Deductions turned out that based on the patterns and the targets, the targets profiles show a conventional conflict with the said suspected state.


The discovery of Dark Basin link to BellTroX company came to known after an in-depth investigation done by an expert about one of its clients that handles the #ExxonKnew campaign.


The campaign was about the public deceit about the effect of climate change on people and the environment. People in favor of the campaign hired Dark Basin to infiltrate and do damage to individuals or organizations that go against them.

Unfortunately, Dark Basin failed to mask their digital footprints that lead to unearthing the truth about who they are as they do their work. With their intense and prudence website scanning, Citizen Lab and Norton LifeLock experts able to tie up the hacking source code kit used by Dark Basin to the recorded documents they gathered from the employees of BellTroX company. The investigation done is in addition to the cross-matching timeline activities of the Dark Basin group and people of BellTrox. Factors included are social media posts outlining the attack and getting credits out of it. Not to mention, the similarity of such a case filed against its CEO – Sumit Gupta in the Court of California for its indiction of corporate espionage.

All this evidence and other investigations result from previous attacks are now incorporated into a filed complaint in the United States Department of Justice (DOJ) and currently awaiting persecution.

About the author

Leave a Reply