To live happy, live hidden. One could imagine that this maxim would find an echo very particular in those with illegal activities. Yet, the Citizen Lab in Toronto has just identified a group of hackers, mercenaries named the "Dark Basin" thanks to the publications of several members on the social networks. Hackers who targeted patrons, journalists, NGOS or political actors valued and their skills that are very specific to LinkedIn, says Numerama.
Read also Coronavirus : how hackers exploit fear
it All starts in 2017. A journalist then contacts the Citizen Lab, indicating having been the target of an attempted " phishing ". This method of hackers is intended in particular to obtain personal information by pretending to be a loved one. The team of the laboratory, which works on computer security then begins a work of ant. De fil en aiguille, its members managed to identify some of the pirates of the group and suspect that now an indian company named BellTroX to be at the helm. NGOS, bosses, journalists, politicians... thousands of people and organisations would have been hacked since 2017. On his website, BellTroX was not presented as offering services cyberspionnage, but a " hacking ethics ". On the employee side, the social networks reveal a quite different reality.
"Penetration of e-mail"
In effect, the Citizen Lab was able to identify the various through of the elements for the least original. In the context of some hacking attempts, the members of the company did not hesitate to use personal documents as... their CV. Social networks also show a real propensity to lay claim to their activities. On LinkedIn, some employees BellTroX have indicated among their skills : "industrial espionage ", "penetration of e-mail" or " directorate of operations of cyber espionage ".
Read also This malicious software that is monitoring you on to pornographic sites
Among those who recommend their work, we find police officers, private detectives and even a canadian official, details Numerama. Lack of evidence, the Citizen Lab is careful, however, to give names of sponsors. The site BellTroX has been taken off-line after the publication of the study researchers in computer security. The Citizen Lab is hoped, however, to retrieve new testimonies of victims.
