Dark Basin
Description
(Citizen Lab) We give the name Dark Basin to a hack-for-hire organization that has targeted thousands of individuals and organizations on six continents, including senior politicians, government prosecutors, CEOs, journalists, and human rights defenders. With high confidence, we link Dark Basin to BellTroX InfoTech Services (“BellTroX”), an India-based technology company.
Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report highlights several clusters of targets. In future reports, we will provide more details about specific clusters of targets and Dark Basin’s activities.
Names
| Name | Name-Giver |
|---|---|
| Dark Basin | Citizen Lab |
| Mercenary.Amanda | NortonLifeLock |
Country
Sponsor
BellTroX InfoTech Services
Motivation
- Information theft and espionage
First Seen
2013
Observed Sectors
- Financial
- Government
- Manufacturing
- Media
- NGOs
- Non-profit organizations
- journalists, law and consulting firms
Observed Countries
- Austria
- Belgium
- Brazil
- Canada
- Cyprus
- Czech
- France
- Germany
- Iceland
- India
- Israel
- Italy
- Kenya
- Mexico
- Nigeria
- Norway
- Russia
- South Korea
- Sweden
- Switzerland
- UK
- Ukraine
- USA
Information
- https://citizenlab.ca/2020/06/dark-basin-uncovering-a-massive-hack-for-hire-operation/
- https://www.nortonlifelock.com/blogs/security-response/mercenary-amanda-professional-hackers-hire
Alienvault Otx
Other Information
Uuid
03011e9d-5ddb-4d43-82a1-bf89a51b5709
Last Card Change
2020-08-27