U.S. Investigating Hacker Ring Paid to Target Corporate Critics
Scheme targeted Wirecard short sellers and journalists writing about the company, researchers say
U.S. authorities are investigating a vast hacking-for-hire operation that involves attempts to pilfer confidential communications from investigative journalists, short sellers and advocacy groups fighting climate change, according to law enforcement officials, court documents and cybersecurity officials who have tracked the scheme for years.
The overall operation was stunning in scale and in some instances successful, according to several cybersecurity researchers who have been tracking the hackers. Among the thousands of entities allegedly targeted were hedge funds Coatue Management LLC and Blue Ridge Capital LLC, non-profit groups fighting telecommunications companies over control of the internet, and journalists from multiple news organizations, according to several cybersecurity researchers including the Toronto-based research group Citizen Lab, which tracks illegal hacking and surveillance.
The hackers are based in northern India and are typically hired by private investigators and other middlemen in Israel, the U.S. and Europe, the researchers say. But their ultimate clients are often law firms or corporations, which may receive pilfered material under the guise of corporate intelligence or litigation preparation, according to court documents and several people familiar with the scheme.
Although it’s unclear who wrote the checks that ultimately funded the hacking operations, the apparent beneficiaries include specific industries and major companies, including embattled German technology firm Wirecard AG, according to Citizen Lab and other cybersecurity researchers.