Chuck Randall’s real estate deal that would have benefited his Native American tribe was derailed by a well-timed leak of his private emails. The leaked excerpts detailed secret negotiations between Randall, his tribal government allies, and outside investors to gain more profits from the tribe’s casino project. The leaked information caused an uproar within the tribe, leading to the removal of four tribal government allies and Randall being ordered to cease acting on behalf of the tribe. As a result, the tribe lost a significant economic opportunity. This scandal is part of a larger phenomenon that has caught the attention of law enforcement and intelligence agencies globally.
The Indian company at the center of this scandal, Appin, engaged in industrial-scale hacking, stealing data from political leaders, international executives, and other prominent individuals. Despite unauthorized access to computer systems being a crime worldwide, at least 17 pitch documents reviewed by Reuters advertised Appin’s expertise in activities such as cyber spying, email monitoring, cyber warfare, and social engineering. The company boasted about hacking businessmen on behalf of corporate clients in a 2010 presentation.
Run by brothers Rajat and Anuj Khare, Appin started as a small Indian educational startup but eventually became a premier provider of cyberespionage services. Although several cyber defense training organizations in India carry the Appin name, they are not involved in hacking activities. Rajat Khare’s U.S. representative, the law firm Clare Locke, denied any association between Khare and the cyber-mercenary business, stating that he has never operated or supported any illegal hacking industry. The lawyers emphasized that Appin focused on teaching cybersecurity and cyber-defense, and any association with hacking was due to rogue actors misusing the company’s brand.
This report on Appin provides a comprehensive overview of the company’s operations, including its international reach and law enforcement’s unsuccessful attempts to control it. The report is based on thousands of company emails, financial records, presentations, and interviews with former Appin employees and victims of India-based hackers. The authenticity of the Appin communications was verified by 15 individuals, including private investigators and ex-Appin hackers. U.S. cybersecurity firm SentinelOne reviewed the material and confirmed its accuracy.
Although Appin has largely disappeared from public view, its impact is still felt today. Copycat firms led by Appin alumni continue to target thousands of individuals. The company revolutionized the market for spy services by creating a digital platform where customers could request various hacking services, such as breaking into inboxes or computers. Appin provided a project management tool called “My Commando” that allowed customers to track the progress of their hacking requests.
Former clients praised Appin for its well-organized system and efficient delivery of hacking services. The company would often use deceptive tactics to lure targets into clicking on booby-trapped emails, leading to the theft of their data. Private investigators from various countries, including the United States, Britain, and Switzerland, sought Appin’s assistance in hacking hundreds of targets. Some of the targets were high-profile individuals, including a New York art dealer and a French diamond heiress.
In conclusion, Appin’s activities have raised concerns among law enforcement and intelligence agencies due to its industrial-scale hacking and unauthorized access to computer systems. The company’s operations and impact have been detailed in this report, shedding light on the extent of its activities and the challenges faced by law enforcement in controlling it.
