Threatwatch

Indian army official's son hired to crack accounts on behalf of jilted lovers and jealous corporations

Cyber espionage; Stolen credentials; User accounts compromised

Authorities from the United States to China raided a global web of hackers for hire.

In India, the Central Bureau of Investigation stormed Mumbai and Pune, among other places, and arrested the alleged mastermind hacker - Amit Vikram Tiwari (31), son of a former army colonel.

“What has baffled investigators is that FBI tracking the scandal,” the Times of India reports. “It is being suspected that some accounts related to United States government and big corporates there were also hacked after which FBI tracked the hosting sites, used for hacking, in India, China and Romania. In India, Tiwari and his fellow hackers were using two primary websites - and from Pune.”

Apparently illicit websites advertised access to e-mail accounts in exchange for fees varying from $250 to $500. “Upon receipt of the order, as well as the [targets’] e-mail addresses, the website operators gained access to such e-mail accounts and sent a proof of such access to the customers. On receipt of payment from Customers these website operators shared the password with the customers," CBI spokesperson Kanchan Prasad told the Times of India.

Payments were exchanged through Western Union and PayPal.

Most of the clients who approached Tiwari to break into email accounts and websites were foreigners.

“All possibilities -- national security, corporate hacking, financial fraud and hacking into government departments and secret units, are being probed by CBI in coordination with FBI,” the newspaper reports. “The primary investigations have revealed that corporates, individuals and even companies – ‘the clients’ - had approached the hackers either for marriage disputes related issues or commercial purposes, which sources described as ‘corporate rivalry.’”

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves. 

sector

Financial Services; Government (U.S.); Government (Foreign)

reported

January 25, 2014

reported by

Times of India

number affected

900 email accounts

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

India

date breach occurred

between February 2011 and February 2013

date breach detected

Unknown