Introduction:
1、Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.
Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs while carrying out covert hacking operations since at least 2009.
In May 2013, ESET disclosed a set of cyber attacks targeting Pakistan with information-stealing malware. While the activity was attributed to a cluster tracked as Hangover (aka Patchwork or Zinc Emerson), evidence shows that the infrastructure is owned and controlled by Appin.
“The group has conducted hacking operations against high value individuals, governmental organizations, and other businesses involved in specific legal disputes,” SentinelOne security researcher Tom Hegel said in a comprehensive analysis published last week.
“Appin’s hacking operations and overall organization appear at many times informal, clumsy, and technically crude; however, their operations proved highly successful for their customers, impacting world affairs with significant success.”
The findings are based on non-public data obtained by Reuters, which called out Appin for orchestrating data theft attacks on an industrial scale against political leaders, international executives, sports figures, and others. The company, in response, has dismissed its connection with the hack-for-hire business.
One of the core services offered by Appin was a tool “MyCommando” (aka GoldenEye or Commando) that allowed its customers to log in to view and download campaign-specific data and status updates, communicate securely, and choose from various task options that range from open-source research to social engineering to a trojan campaign.
The targeting of China and Pakistan is confirmation that an Indian-origin mercenary group has been roped in to conduct state-sponsored attacks. Appin has also been identified as behind the macOS spyware known as KitM in 2013.
What’s more, SentinelOne said it also identified instances of domestic targeting with the goal of stealing login credentials of email accounts belonging to Sikhs in India and the U.S.
“In an unrelated campaign, the group also used the domain speedaccelator[.]com for an FTP server, hosting malware used in their malicious phishing emails, one of which was used on an Indian individual later targeted by the ModifiedElephant APT,” Hegel noted. It’s worth noting that Patchwork’s links to ModifiedElephant were previously identified by Secureworks.
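The only concrete indicator the article gives is the defanged domain speedaccelator[.]com, quoted above from SentinelOne's report. The block below is an added example, not code from the article or from SentinelOne: it refangs such indicators, then matches them against proxy and DNS log lines by domain suffix (so ftp.speedaccelator.com hits while notspeedaccelator.com does not). The log lines are constructed for the example and are not real telemetry; the field layout is an assumption, not any particular product's format.

```python
import re

# Indicator from the SentinelOne research quoted above, kept defanged as it appears on the page.
DEFANGED_IOCS = ["speedaccelator[.]com"]

# Constructed log lines for this example (not real telemetry); the layout is an assumption.
SAMPLE_LOG = [
    '2013-05-02T09:14:11Z proxy src=10.0.0.15 url="ftp://ftp.speedaccelator.com/updates/report.pdf.exe" action=allow',
    '2013-05-02T09:15:03Z dns client=10.0.0.21 query=mail.example.org type=A',
    '2013-05-02T09:16:40Z dns client=10.0.0.15 query=SPEEDACCELATOR.COM type=A',
    '2013-05-02T09:17:02Z proxy src=10.0.0.33 url="http://notspeedaccelator.com/" action=allow',
]

# Matches host-like tokens: one or more dotted labels followed by a TLD of two or more letters.
HOST_RE = re.compile(r"(?i)\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b")


def refang(indicator: str) -> str:
    """Turn a defanged indicator (hxxp://, [.], (dot), [:], [@]) back into its live form."""
    s = indicator.strip()
    s = re.sub(r"^hxxps?://", lambda m: m.group(0).replace("xx", "tt"), s, flags=re.I)
    for token in ("[.]", "(.)", "[dot]", "(dot)"):
        s = s.replace(token, ".")
    return s.replace("[:]", ":").replace("[@]", "@")


def defang(indicator: str) -> str:
    """Inverse of refang, for writing indicators into reports without making them clickable."""
    s = re.sub(r"^https?://", lambda m: m.group(0).replace("tt", "xx"), indicator.strip(), flags=re.I)
    return s.replace(".", "[.]")


def matches_domain(host: str, ioc: str) -> bool:
    """True when host is the indicator domain or one of its subdomains (case-insensitive).

    A plain substring test would also flag look-alikes such as notspeedaccelator.com,
    so the comparison is exact-match or dot-separated suffix only."""
    host = host.lower().rstrip(".")
    ioc = ioc.lower().rstrip(".")
    return host == ioc or host.endswith("." + ioc)


def scan_lines(lines, defanged_iocs):
    """Return (line_number, host, indicator) for every host token that matches an indicator."""
    live = [refang(i) for i in defanged_iocs]
    hits = []
    for n, line in enumerate(lines, 1):
        for host in HOST_RE.findall(line):
            host = host.lower().rstrip(".")
            for ioc in live:
                if matches_domain(host, ioc):
                    hits.append((n, host, ioc))
    return hits


if __name__ == "__main__":
    for n, host, ioc in scan_lines(SAMPLE_LOG, DEFANGED_IOCS):
        print(f"line {n}: {host} matches {defang(ioc)}")
```

Running it flags line 1 (the FTP fetch from a subdomain) and line 3 (the DNS query, despite its upper case) and leaves the look-alike on line 4 alone; the same functions take any list of lines, so they can be pointed at a real proxy or resolver export.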
Besides leveraging a large infrastructure sourced from a third-party for data exfiltration, command-and-control (C2), phishing, and setting up decoy sites, the shadowy private-sector offensive actor (PSOA) is said to have relied on private spyware and exploit services provided by private vendors like Vervata, Vupen, and Core Security.
In another noteworthy tactic, Appin is said to have leveraged a California-based freelancing platform referred to as Elance (now called Upwork) to purchase malware from external software developers, while also using its in-house employees to develop a custom collection of hacking tools.
“The research findings underscore the group’s remarkable tenacity and a proven track record of successfully executing attacks on behalf of a diverse clientele,” Hegel said.
The development comes as Aviram Azari, an Israeli private investigator, was sentenced in the U.S. to nearly seven years in federal prison on charges of computer intrusion, wire fraud, and aggravated identity theft in connection with a global hack-for-hire scheme that ran between November 2014 and September 2019. Azari was arrested in September 2019.
“Azari owned and operated an Israeli intelligence firm,” the Department of Justice (DoJ) said last week. “Clients hired Azari to manage ‘Projects’ that were described as intelligence gathering efforts but were, in fact, hacking campaigns specifically targeting certain groups of victims.”
Azari has also been accused of using mercenary hackers in India, a company called BellTroX Infotech (aka Amanda or Dark Basin), to help clients gain an advantage in court battles via spear-phishing attacks and ultimately gain access to victims’ accounts and steal information.
BellTroX was founded by Sumit Gupta in May 2013. Reuters disclosed in June 2022 that prior to launching the company, Gupta had worked for Appin.
BlackBerry Uncovers Massive Hack-For-Hire Group Targeting Governments, Businesses, Human Rights Groups and Influential Individuals
WATERLOO, ONTARIO – October 7, 2020 – BlackBerry Limited (NYSE: BB; TSX: BB) today released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a staggering number of ongoing attacks against government officials and industry titans, while also unveiling the group’s vast network of disinformation assets aimed at furthering particular political causes and hampering NGOs.
The report, BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps, provides new insights into the group, and shows how it deployed a vast array of sophisticated disinformation campaigns. BlackBerry’s Research & Intelligence Team found that BAHAMUT currently presides over a significant number of fake news entities – ranging from fraudulent social media personas to the development of entire news websites built to include disinformation – to both further certain causes and to gain information on high value targets.
“The sophistication and sheer scope of malicious activity that our team was able to link to BAHAMUT is staggering,” said Eric Milam, VP, Research Operations at BlackBerry. “Not only is the group responsible for a variety of unsolved cases that have plagued researchers for years, but we also discovered that BAHAMUT is behind a number of extremely targeted and elaborate phishing and credential harvesting campaigns, hundreds of new Windows malware samples, use of zero-day exploits, anti-forensic/AV evasion tactics, and more.”
The report also highlights increased targeting of mobile devices and how the group has published over a dozen applications in Google Play and the Apple iOS App Store, as well as the highly patient approach BAHAMUT takes in compromising its targets. Importantly, despite the range of targets and attacks, the lack of any discernible pattern or unifying motive moved BlackBerry to conclude that the group is likely acting as hack-for-hire mercenaries.
“This is an unusual group in that their operational security is well above average, making them hard to pin down,” Milam added. “They rely on malware as a last resort, are highly adept at phishing, tend to aim for mobile phones of specific individuals as a way into an organization, show an exceptional attention to detail and above all are patient – they have been known to watch their targets and wait for a year or more in some cases.”
Building a Fake News Empire
Perhaps the most distinctive aspect of BAHAMUT’s tradecraft that BlackBerry discovered is the group’s use of original, painstakingly crafted websites, applications and personas. In at least one example, the group took over the domain of what was originally an information security news website and began pushing out content focused on geopolitics, research, industry news about other hack-for-hire groups, and a list of “contributors” that were fake – but which used the names and photos of real journalists (including local U.S. news anchors) to appear legitimate. In some cases, the ‘news’ outlets BAHAMUT created were also accompanied by social media accounts and other websites to present a veneer of legitimacy.
Malicious Mobile Applications: More Than Meets The Eye
The report uncovered nine malicious iOS applications available in the Apple App Store and an assortment of Android applications that are directly attributable to BAHAMUT based on configuration and unique network service fingerprints presented. The applications were complete with well-designed websites, privacy policies and written terms of service – often overlooked by threat actors – which helped them bypass safeguards put in place by both Google and Apple.
Those investigated by BlackBerry were determined to be intended for targets in the UAE as downloads were region-locked to the Emirates. Additionally, Ramadan-themed applications as well as those that invoked the Sikh separatist movement indicate that BAHAMUT had intent to target specific religious and political groups.
Additional Key Findings in the BAHAMUT Threat Report
Named by researchers for the open-source intelligence site Bellingcat, BAHAMUT leverages publicly available tools, imitates other threat groups and changes its tactics frequently, which has made attribution difficult in the past. However, BlackBerry reports with high confidence that the threat group is behind activity researched by over 20 different security companies and nonprofits under the names EHDEVEL, WINDSHIFT, URPAGE, THE WHITE COMPANY, and most significantly, the unnamed threat group in Kaspersky’s 2016 “InPage zero-day” research.
The report also made other significant observations regarding BAHAMUT, including:
At least one zero-day developer reflects a skill-level beyond most other known threat actor groups today
Use of phishing and credential harvesting is aimed at very precise targets, and concerted and robust reconnaissance operations are conducted on targets prior to attack
Clustered targeting in South Asia and the Middle East lends credence to a “hacker for hire” operation
A range of tools, tactics and targets suggests the group is well-funded, well-resourced and well-versed in security research
BlackBerry endeavored to notify as many of the individual, governmental and corporate/nonprofit targets as possible prior to the publication of the report.
To learn more and download a copy of the report, visit www.blackberry.com/bahamut-report.
About BlackBerry
BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear - to secure a connected future you can trust.
BlackBerry. Intelligent Security. Everywhere.
For more information, visit BlackBerry.com and follow @BlackBerry.
Related questions
Amazon, like many large tech companies, actively hires ethical hackers (cybersecurity professionals) to strengthen its security infrastructure. These roles typically involve identifying vulnerabilities, conducting penetration testing, and ensuring the safety of Amazon's systems (e.g., AWS, retail platforms, etc.). However, Amazon does not hire individuals engaged in malicious or illegal hacking activities.
Key Points:
Ethical Hacking Roles: Amazon recruits cybersecurity experts through formal channels (e.g., their careers page, LinkedIn, or partnerships with cybersecurity conferences). Look for titles like Security Engineer, Penetration Tester, or Cybersecurity Analyst.
Bug Bounty Programs: Amazon (and AWS) runs bug bounty programs on platforms like HackerOne. Ethical hackers can report vulnerabilities for rewards, but this is not direct employment.
Quora and Hiring: While Amazon employees or recruiters might occasionally share insights on Quora, official job postings are only listed on Amazon's careers portal (amazon.jobs). Be cautious of scams claiming to offer jobs via social media or forums like Quora.
Avoid Scams: If someone on Quora claims to "hire hackers for Amazon," verify their credentials. Amazon does not recruit through informal or unverified channels.
If you're interested in ethical hacking roles, focus on building cybersecurity skills (e.g., certifications like CEH, OSCP) and apply through Amazon's official career portal or trusted job platforms.