Dark Basin  (Back to overview)

Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries. Dark Basin extensively targeted American nonprofits, including organisations working on a campaign called #ExxonKnew, which asserted that ExxonMobil hid information about climate change for decades. We also identify Dark Basin as the group behind the phishing of organizations working on net neutrality advocacy, previously reported by the Electronic Frontier Foundation. We link Dark Basin with high confidence to an Indian company, BellTroX InfoTech Services, and related entitie

Associated Families

There are currently no families associated with this actor.

2020-06-09Github (citizenlab)CitizenLab
@online{citizenlab:20200609:dark:6fc74ec, author = {CitizenLab}, title = {{Dark Basin Indicators of Compromise}}, date = {2020-06-09}, organization = {Github (citizenlab)}, url = {}, language = {English}, urldate = {2020-11-02} } Dark Basin Indicators of Compromise
Dark Basin
2020-06-09CitizenLabJohn Scott-Railton, Adam Hulcoop, Bahr Abdul Razzak, Bill Marczak, Siena Anstis, Ron Deibert
@online{scottrailton:20200609:dark:d3bdddb, author = {John Scott-Railton and Adam Hulcoop and Bahr Abdul Razzak and Bill Marczak and Siena Anstis and Ron Deibert}, title = {{Dark Basin Uncovering a Massive Hack-For-Hire Operation}}, date = {2020-06-09}, organization = {CitizenLab}, url = {}, language = {English}, urldate = {2020-06-10} } Dark Basin Uncovering a Massive Hack-For-Hire Operation
Dark Basin

Credits: MISP Project