| Industry | Computer security |
|---|---|
| Founded | 2003 |
| Founder | Rajat Khare, Anuj Khare |
| Website | Official website |
Appin was an Indian cyberespionage company founded in 2003 by brothers Rajat and Anuj Khare. It initially started as a cybersecurity training firm, but by 2010 the company had begun providing hacking services for governments and corporate clients that "stole secrets from executives, politicians, military officials and wealthy elites around the globe." Their hacking exploits and Rajat Khare's unprecedented efforts to suppress reporting have been covered by major outlets like Reuters, The New Yorker, Wired, SRF Investigativ, Intelligence Online, and many others. [1] They created the model that is still used by the Indian hack-for-hire industry. [2] [3]
The company offered what its founders referred to as "ethical hacking" services, capable of breaking into anyone's computer and stealing sensitive information from it. [4] [5] [6] [7] Since at least 2010, they have targeted victims globally with hacking and phishing attacks for espionage and information theft. [8] [9] [3] They have been on the radar of U.S. intelligence since 2009, when the NSA began surveillance after observing them hack high-value Pakistani officials. [2]
In 2010, Rajat Khare sent bulk emails to private intelligence firms across Europe offering hacking-for-hire services. [4] [6] [7] Starting on January 5, 2012, a cyberattack targeted Peter Hargitay, a Zurich-based FIFA insider and consultant for Australia's 2022 World Cup bid. Hargitay and his son hired an expert who traced the hack to a server linked to Rajat Khare. The attack was part of an extensive hacking operation targeting numerous individuals for smear campaigns. This was tied to Qatar's web of espionage to secure the 2022 FIFA World Cup hosting rights. [2] [10] [11] That same year, an Indian cybersecurity consultant traced an attempted hack on a client to Appin and discovered compromising material on its servers. [12] In February 2013, the Chicago Mercantile Exchange filed a complaint with the World Intellectual Property Organization regarding a phishing attack that used a suspicious domain to steal investment information. [13] [9] [14] In March of that year, after Telenor filed a criminal case with Norwegian police Kripos over a hack stealing 66,000 emails from its leadership and legal advisor, the infosec community obtained evidence that allowed them to access Appin's unsecured servers and link the group to several high-profile cyberattacks. [8] [15] [16] [17] Notably, Norman Shark publicly linked the Telenor hack to Appin. [18] [19] [2]
Appin's industrial-scale attacks drew global attention, [10] and by 2013 they had become well known among security researchers, who referred to the activity cluster by various monikers, including Operation Hangover by the Shadowserver Foundation and Norman Shark, [20] [18] [21] Monsoon by Forcepoint, [22] and Viceroy Tiger by CrowdStrike. [23] [24] [25] From 2013 onward, Google spent a decade monitoring Appin-linked hackers who targeted tens of thousands of email accounts on its platform. [26] [27] Because of the hackers' high volume of activity, Google had to expand its systems and procedures to keep up with them. Security researchers have been cautious in their public statements linking Appin to the hacking and phishing incidents in order to avoid legal trouble; privately, however, they remain confident in the connection. [2]
Since 2012, Appin and its CEO Rajat Khare have been under criminal investigation in multiple countries. In the Dominican Republic, authorities raided a local newspaper publisher in 2012 and formally accused him of collaborating with Khare to hack emails, spy on the nation's elite, and extract information for his digital newspaper. [2] [28] [29] The publisher later admitted that in 2011 he had paid Appin between $5,000 and $10,000 a month to spy on over 200 prominent Dominicans, including the then-President of the Dominican Republic, Leonel Fernández. In the U.S., after analyzing a 2012 hack-and-leak operation targeting a Native American tribe, [30] the FBI linked multiple cases to a single perpetrator. Collaborating with Swiss authorities, the FBI identified the perpetrator as Appin and shared that it had human intelligence from a confidential source. Rajat Khare's communications and activities were also tracked by the FBI. Later, in mid-2020, the private detective who had contracted Appin to hack the Native American tribe confessed in an affidavit. [31] Similarly, an Israeli private investigator who had hired Appin to hack at least three dozen people admitted to employing them to steal emails from a Korean businessman. [3] [32] [33] Meanwhile, Norwegian investigators had connected Appin to the Telenor hack, and Swiss authorities had linked Appin and Rajat Khare to a criminal complaint filed by the Hargitays over the intrusion into their systems. In 2021, the State Bank of India filed a criminal complaint with the Central Bureau of Investigation (itself a former Appin client), accusing Rajat Khare and others of embezzling ₹8.06 billion ($97 million) from loans to Educomp, where Khare was a director. [34] [35] [2]
Starting in or around 2011, the mercenaries operated a digital dashboard dubbed "My Commando" for spy services, resembling an e-commerce platform with a menu of hacking options. Customers logged in to request Appin to hack emails, computers, or phones, track the operation's progress like a delivery, and later download stolen data from digital dead drops. [2] A year later, various reports from media outlets, research organizations, and multinational corporations began linking Appin to hacking incidents targeting prominent figures, including Boris Berezovsky and Mohamed Azmin Ali. Less well-known individuals, such as a landscape architect in New Jersey and several lawyers, were also targeted. In 2012, a German private investigator paid Appin $3,000 to hack an email during an inheritance feud involving a wealthy businessman. [3] Such attacks extended to the families of U.S. government officials, including the wife of Representative Mike Rogers, who was the Chairman of the U.S. House Intelligence Committee at the time. Also among the victims were human rights activists, such as those associated with the Oslo Freedom Forum, along with governmental and private organizations. [36] [4] [37] [38]
Following Norman Shark's public attribution of the Telenor hack to Appin, [18] the group began scaling back its online presence. Around that time, two companies founded by former Appin employees—BellTroX InfoTech Services [39] led by Sumit Gupta and CyberRoot Risk Advisory [40] [41] [42] —started collaborating with Appin, sharing staff and computer infrastructure for their hack-for-hire operations. [3] The hacking operations were identified using a database of over 80,000 phishing emails sent to 13,000 targets from 2013 to 2020. This database was independently vetted by six expert groups, including Scylla Intel, BAE, Mandiant, LinkedIn, Microsoft, and Google—with each group independently confirming recognized hacking activity. Further analysis by Mandiant, LinkedIn, Google, [26] and court records [43] revealed that the hacking was carried out by three Appin-linked companies with an intermingling of resources among them. Together, they built a network of mercenary Indian hacking companies, charging clients anywhere from a few thousand to millions of dollars [40] [44] while paying workers just $370 per month. [45] Operating from a modest, CCTV-monitored facility, the hackers targeted attorneys and their clients—including companies, advocacy groups, media organizations, and business executives—seeking to undermine the legal process. Notably, Appin alumnus Sumit Gupta's involvement in criminal cases, [46] [47] [48] [49] his ties with former Israeli policeman Aviram Azari, [50] [51] [52] [53] [54] [55] and his role in the wider network of Indian hackers have been the subject of several media articles. [3] [56] [4] [57] [58] [59]
Appin Technology rebranded multiple times before adopting the name Sunkissed Organic Farms in 2017. Its subsidiary, Appin Software Security—which performed hacking and phishing operations—became Adaptive Control Security Global Corporate (ACSG) in 2015. Rajat Khare resigned as director of Appin Technology in 2016 and now resides in Switzerland. After the Swiss criminal investigation into his hacking of the Hargitays was closed, in the fall of 2020, Khare purchased a villa in Switzerland for 13.5 million Swiss francs from the daughter of a Ukrainian oligarch. He now portrays himself as a renowned start-up investor. [10] In September 2023, The Economic Times reported that Rajat and Shweta Khare had purchased a plot in Delhi for ₹760 million (about $9.1 million). Together, they run Boundary Holding, a Luxembourg-based venture capital firm. [60] Rajat Khare's family still controls the renamed Indian companies, including ACSG, which officially claims to do confidential computer security work for governments. [2] [61] [62]
In December 2003, Rajat Khare, together with high school friends, conceived Appin to offer technology training workshops to university students. By 2005, now joined by Anuj, an entrepreneur and former motivational speaker, the company had an office in western New Delhi. Appin began as a digital security consultancy that provided cybersecurity classes to help Indian organizations defend themselves online. This drew the attention of Indian government officials, who were navigating internet-era intelligence challenges and seeking ways to hack into computers and email accounts.
Shortly thereafter, Appin established a subsidiary to conduct surveillance activities for the Indian government. Employees signed non-disclosure agreements and were assigned to military-controlled facilities, where they worked away from their colleagues in the wider company. Their targets included Pakistan, China, and Khalistani separatists from India's Punjab state.
By 2009, the company's clients had included the Indian Armed Forces, the Ministry of Home Affairs, and the Central Bureau of Investigation. Appin claimed their solutions were used by government intelligence agencies to monitor hostile individuals, marketed software for analyzing call metadata, and explored importing Israeli cell phone interception devices. For the fiscal year ending in 2009, the company earned nearly $1 million in revenue and a profit of about $170,000, with a projected tenfold increase in revenue over the next 36 months. [63] [64]
The company also made extra money by discreetly reselling material it had hacked for one Indian agency to another. This practice of double-dipping was eventually uncovered, prompting several outraged Indian intelligence agencies to terminate their contracts with Appin. Facing dwindling opportunities in intelligence work, Appin shifted its focus to hacking and phishing for the private sector. [2]
Appin and co-founder Rajat Khare have systematically pressured news sources in multiple countries, including France, Luxembourg, Switzerland, the United Kingdom, and India, to remove references in articles to the company and Khare. [65] [66] [67] [1]
On November 2, 2022, Swiss media outlet SRF Investigativ published an investigative piece about Qatar's elaborate and extensive espionage operation aimed at securing its hosting of the 2022 FIFA World Cup. The operation, which was dubbed Project Merciless, involved hacking emails and phones of FIFA officials and critics of Qatar's corruption and poor human rights record. It also targeted their friends and family members to run smear campaigns and influence FIFA policy. [10] [11] In November 2022, a lower court in Geneva ordered the publication to provisionally remove Rajat Khare's name and photo from the article. When contacted by RSF, Khare's Swiss lawyer, Nicolas Capt, stated that Khare has taken civil and criminal action in Switzerland and other countries to protect his honor. [1]
On June 1, 2023, The New Yorker published an article titled, "A Confession Exposes India's Secret Hacking Industry." The article primarily focused on firms founded by Appin alumni, such as BellTroX Infotech Services and CyberRoot Risk Advisory, which have targeted climate activists, investors, lawsuit defendants, and organizations on a global scale and still remain operational. Appin first sued the U.S. magazine in India, and later, Rajat Khare filed a lawsuit against it in Switzerland. The New Yorker refused to take down their article, stating that they fully stand behind the piece, which is an accurate and fair account of a matter of legitimate public interest. They further stated that they will continue to defend the right to publish important reporting without fear or favor. [4] [1] [68]
On November 16, 2023, Reuters published an explosive article about the company and its cofounder Rajat Khare titled, "How an Indian Startup Hacked the World." Drawing on hundreds of interviews and thousands of vetted documents, Reuters found that Appin "grew from an educational startup to a hack-for-hire powerhouse that stole secrets from executives, politicians, military officials and wealthy elites around the globe." The report was based on Appin's activities for nearly two decades, including company records, law enforcement files, and input from former employees, clients, and security professionals. The raw material spanning 2005 to 2022 was authenticated by Reuters and further verified by U.S. cybersecurity firm SentinelOne. [2] [1] [69]
Appin sued Reuters, claiming the news agency had engaged in a "defamatory campaign." [70] [5] It obtained an injunction from a Delhi court and, on December 4, 2023, Reuters temporarily removed its article. Reuters said that it stood by its reporting. [71] [5] [72] An archived version of the Reuters article hosted on the Wayback Machine was likewise removed following demands from lawyers representing Appin co-founder Rajat Khare. [73] Appin further sent demands to Meta Platforms, LinkedIn and Naukri.com to block accounts associated with the authors of the Reuters story. [67]
In February 2024, Wired reported that lawyers for Appin and a related entity called the Association for Appin Training Centers had filed lawsuits and made legal threats against more than a dozen news organizations. Appin sent emails to the news site Techdirt and the organization MuckRock, which hosted some of the information Reuters relied on, demanding that the material be removed. The two sites denied that the injunction was binding on them. [74] [66] [75] Other sites, such as the Lawfare blog, removed material based on the Reuters article. [5] [74] The Electronic Frontier Foundation (EFF) announced that it had responded on behalf of Techdirt and MuckRock to the legal threats made by Appin Training Centers. One of the arguments the EFF made in its letter to Appin is that the Indian court's order is unenforceable in U.S. courts because it conflicts with the First Amendment and Section 230 of the Communications Decency Act (47 U.S.C. § 230), as reinforced by the SPEECH Act (28 U.S.C. § 4102). The EFF also urged recipients of Indian gag orders to carefully evaluate their legitimacy. [76] [66] [75]
The Reuters article was restored in October 2024, after the Delhi court rescinded its injunction on October 3, 2024, noting "the plaintiff has not been able to show any prima facie case to make interference in the process of journalism". [77] [78] The article is back online at its original location. [36]
On November 21, 2024, Reporters Without Borders (RSF) reported that works from at least 15 different media outlets had been modified or withdrawn as a result of a strategic lawsuit against public participation or a notice from Rajat Khare or Appin Training Centers, while posts praising Khare on self-published sites flooded the internet. Additionally, an Intelligence Online article was the subject of an abusive Digital Millennium Copyright Act takedown request. [1] [79] [80]