The man hacking India’s rich and powerful talks motives, music, drugs and next targets


December 12, 2016

Somewhere in India, a young man is sitting in a room, parked in front of his computer, smoking copious amounts of marijuana and causing great embarrassment to some of the country's biggest movers and shakers.

December 12, 2016

Somewhere in India, a young man is sitting in a room, parked in front of his computer, smoking copious amounts of marijuana and causing great embarrassment to some of the country's biggest movers and shakers.

Clockwise, from top left: Rahul Gandhi, vice president of India's Congress party; Lalit Modi, ex-chairman of the Indian Premier League cricket championship; business tycoon Vijay Mallya; journalist Barkha Dutt.

He and a group of others — who he claims number in the “higher single digits” and are based around the world — go by the name Legion.

Over the past two weeks, they have hacked into four high-profile Twitter accounts, commandeering them as vehicles to release the account owners' personal telephone numbers, bank account details and email passwords.

Their first target was Rahul Gandhi, the heir to the Congress party, which has held power in India for much of its post-colonial history. Next was Vijay Mallya, the embattled former chairman of India's biggest liquor company, who fled to Britain in March amid allegations of financial fraud and money laundering.

Speaking through encrypted instant-messaging software, one of the hackers told The Washington Post about Legion's motives and plans for future hacks. We chatted Saturday, hours before he would burst back into the public consciousness through the Twitter accounts of Barkha Dutt and Ravish Kumar, two prominent news show hosts who work for the NDTV channel. In the messages that are reproduced below, the user marked LC is from “Legion Crew,” and the user marked M is, well, me.

LC and I were able to get in touch initially through email, as he had posted an address in one of his rapid-fire tweets from Mallya's account — before it was suspended by Twitter, that is. From the get-go, he was friendly but provocative. Like in many of the missives he tweeted, he littered our conversation with profanities, references to all kinds of illicit substances, and the occasional derogatory term. By and large, he was coy, too, about having any political motives.

Rather, he said Legion wasn't even interested in “political data” until a few weeks ago. He said that the group was in possession of several terabytes of raw data concerning all sorts of “interests” and that within that trove the hackers had identified gigabytes worth of information relating to Indian public figures. He said the data was choosing the targets for them, not the other way around. Whatever they were finding, they aimed to release. From Dutt's Twitter account, they shared a link to a "partial" data dump of approximately 1.2 gigabytes of her emails. A spokesman for Twitter India declined to comment on the hacks.

When I asked him how they came into possession of so much data, he was vague, and said they just “ended up with access to over 40k+ servers in India, and we decided — hey, why not write a tool to sift through them for interesting data?”

But one clear motive for releasing some of the data is disdain for the targets. When they were in control of Gandhi's account (about 1.3 million followers), they used it to repeatedly mock his intelligence. With Mallya (about 5.5 million followers), they lambasted his alleged criminality, casting themselves as Robin Hood figures. The root of the disdain may partly derive from a sort of technological superiority complex, too. LC expressed derision at how easily he had found so much personal data. Regarding Mallya, for instance, he said:

As for upcoming targets, LC indicated that he and his fellow hackers had their sights set on bigger things. While tweeting Saturday night from the NDTV hosts' accounts, he warned that the next target would be Lalit Modi, a businessman, former head of India's commercial cricket league, and outspoken supporter of the party currently in power. But, speaking with me, he said individual targets were just an appetizer.

He later admitted that 50,000 was an exaggeration but said his group had access to servers like that of India's biggest private hospital chain, Apollo. He said they were unsure about releasing data from those servers because it might cause “chaos.”

Then again, he said, the hacking was taking away from precious time he'd rather spend doing drugs and making electronic music. Listing Brian Eno, Aphex Twin and Global Communication as artists that influence him, he said that progressive house music was his real passion and that the hacks barely provided him with an adrenaline kick. He said he particularly disliked spending time in India's capital, New Delhi, and suggested that he might try to go to Russia — to do some more drugs.

Courtesy: Washington Post