A Delhi-based IT firm BellTroX InfoTech offering its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years has been found involved in spying on government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence.
Aspects of BellTroX’s hacking spree aimed at American targets are currently under investigation by US law enforcement, five people familiar with the matter told Reuters. The US Department of Justice declined to comment.
In a telephone interview, the company’s owner, Sumit Gupta, declined to disclose who had hired him and denied any wrongdoing.
Muddy Waters founder Carson Block said he was “disappointed, but not surprised, to learn that we were likely targeted for hacking by a client of BellTroX.” KKR declined to comment.
Researchers at internet watchdog group Citizen Lab, who spent more than two years mapping out the infrastructure used by the hackers, said they had “high confidence” that BellTroX employees were behind the espionage campaign.
“This is one of the largest spy-for-hire operations ever exposed,” said Citizen Lab researcher John Scott-Railton.