By Raphael Satter and Christopher Bing
WASHINGTON (Reuters) – Saudi diplomats, Sikh separatists and Indian business executives have been among those targeted by a group of hired hackers, according to research published on Wednesday by software firm BlackBerry Corp.
The report https://www.blackberry.com/us/en/company/newsroom/press-releases/2020/blackberry-uncovers-massive-hack-for-hire-group-targeting-governments-businesses-human-rights-groups-and-influential-individuals on the group, known publicly as Bahamut, the name assigned to the mythical sea monster of Arab lore, highlights how cybersecurity researchers are increasingly finding evidence of mercenaries online.
BlackBerry’s vice president of research, Eric Milam, said the diversity of Bahamut’s activities was such that he assumed it was working for a range of different clients.
“There’s too many different things going on across too many different ranges and too many different verticals that it would be a single state,” Milam said ahead of the report’s release.
In June, Reuters reported on how an obscure Indian IT firm called BellTroX https://www.reuters.com/article/idUSKBN23G1GQ offered its hacking services to help clients spy on more than 10,000 email accounts over seven years, including targeting prominent American investors.
BlackBerry – which absorbed antivirus firm Cylance in 2019 – stitched together digital clues left by other researchers over the years to create a picture of a sophisticated group of hackers. BlackBerry also linked the group to mobile phone applications in the Apple and Google app stores. Those apps, which included a fitness tracker and password manager, may have helped the hackers track their targets, the report said.
Apple declined to comment on the record. Two of the apps flagged by Blackberry are no longer in the Apple App Store though. A Google spokesman said all the apps in the Google Play Store mentioned in the report had been removed.
Milam declined to comment on who he thought might be behind Bahamut, but he said he hoped the report would help to sharpen the focus