Indian hackers illegally earn thousands of dollars working for private investigators worldwide: Report

Hacking gangs in India are at the centre of a world-wide hacking scandal standing accused of earning thousands of dollars illegally hacking hundreds of email accounts of government and prominent figures worldwide at the behest of private investigators round the world.
The Sunday Times Insight Team and the Bureau of Investigative Journalism sent undercover reporters to India earlier this year posing as former MI6 agents-turned corporate investigators seeking to hire some of India's top computer hackers in order to infiltrate the illegal hacking industry.
The undercover reporters set up a fake corporate investigation company in Mayfair, London called Beaufort Intelligence. They then contacted some of the top alleged hackers in India saying they wanted to gain private information on targets of their clients. When the replies flooded in, they flew to India and interviewed and secretly filmed these hackers to find out more about their work.
Utkarsh Bhargava in Bengaluru spoke to the undercover reporters in their hotel room in Delhi on Zoom. He claimed to do hacking for the Indian government. He said that he was commissioned to break into the computer systems of different ministries in the governments of Turkey, Pakistan, Egypt, Cambodia and Canada. “Our job was to get the data and hand it over” he told the undercover reporters.
Indian hackers “seized control of computers owned by Pakistan’s politicians, generals and diplomats and eavesdropped on their private conversations apparently at the behest of the Indian secret services,” the Sunday Times article claimed.
The investigation found that often victims were befriended by Indian hackers on social media and the hackers sent them something to click on which interested them and then when they clicked on it, they downloaded malware onto their computer which allowed the hacker to access their email inboxes. The Indian hackers that the Sunday Times spoke to boasted they were never caught and earnt thousands of US dollars for each job. Most began their careers as cybersecurity experts.
Bhargava claimed to have hacked the passenger list for Egyptair. He said no one in India was trying to prosecute hackers as the Indian police “did not understand these things.” He said he also used Pegasus software which can be installed on mobile phones to extract WhatsApp, Signal and Telegram messages from targets.
The undercover reporters also met ex Indian Army Brigadier Ram Chhillar, founder of cyber intelligence company Phronesis, who said he was able to mine the dark web for people’s personal data stolen in previous cyber attacks or corporate data breaches.
The team also came across a group of hackers operating from an office in Gurugram under the name WhiteInt run by Aditya Jain, 31, who moonlights as a hacker, whose day job is working for Deloitte. The Sunday Times reported Jain as saying that he could get access to the email inbox of anyone in the world within 30 days. He said he had been “trained” by Appin, a now defunct firm in Delhi, that claimed to train hackers to help safeguard firms from cyberattacks but like others in his field, soon started a more lucrative sideline hacking for private investigators.
The investigation team got hold of Jain's database of targets. The targets include one of the Hinduja brothers Ashok Hinduja; Mark Fullbrook, Liz Truss’s chief of staff when prime minister; former UK chancellor Philip Hammond; Pakistan’s former minister for science and technology Fawad Chaudhry, former Pakistan president Pervez Musharraf; critics of Qatar’s hosting of the World Cup and critics of Qatar generally; the BBC’s political editor Chris Mason; Ignazio Cassis, president of Switzerland; Michel Platini, former UEAFA president; Ruth Buscombe, head of race strategy at Alfa Romeo F1 team; Otmar Szafnauer, former team principal at Aston Martin; and German billionaire Stefan Quandt, who co-owns BMW.
The reporters met Tej Singh Rathore, 28, a graduate of Rajasthan Technical University in Kota, at the Leela Palace in Delhi. “The British and the whole world…are using Indian hackers” he told them, explaining how he obtained passwords through phishing. “90 per cent of private investigators use Indian hackers to do this kind of job,” he said.
He said had discovered that hacking - or ‘offensive work’ - was more lucrative than cybersecurity or ‘defensive work’ whilst working for a company in Amritsar. He then went freelance and has been taking up assignments ever since, ranging from delving into someone’s Facebook account at the behest of their spouse to hacking a murdered man’s email account. Hacking is illegal in both India and the UK.
“India was a particularly attractive proposition for the investigators. It was not just that India’s enforcement of computer misuse rules was light touch; the commissioning of crimes in a faraway country with a different jurisdiction greatly reduce the risk that the investigators would be caught or prosecuted,” the Sunday Times article said.