There was an increasing amount of pressure on bodyguard Carlo Pacileo. According to Pacileo, his boss, a direct sales entrepreneur called Ryan Blair, wanted damaging information against a competitor in business at a time when there was a rush of lawsuits filed. There was no result to be found.

Therefore, he contacted a Silicon Valley detective with whom he was familiar from his time spent working in Afghanistan for the American mercenary company Blackwater. A few days later, a man named Nathan Moser, who had previously worked as a sheriff’s deputy in North Carolina, showed up at Pacileo’s apartment in Hollywood with a duffel bag full of surveillance equipment.

Moser demonstrated many different devices to Pacileo, one of which being an Israeli-made listening device that could be concealed in the ceiling or beneath the television set. One service, in particular, jumped out: Moser claimed that he was familiar with an Indian hacker who could break into email accounts. Pacileo was recently quoted as saying to Reuters, “My ears perked up.” “I had no idea you were capable of doing things like that,” she said.

Moser, who provided confirmation of Pacileo’s story, was awarded the job and a fee of $10,000 per month. He joined Blair’s company, the distributor of diet shakes known as ViSalus, during a time when the company was in the process of filing a number of lawsuits against vendors who had defected to a rival company known as Ocean Avenue.

The Indian hacker, a young computer security expert by the name of Sumit Gupta, began breaking into the email accounts of Ocean Avenue executives around the beginning of February 2013. He then returned screenshots and passwords to his ViSalus handlers on the West Coast.

When Ocean Avenue discovered that ViSalus had been spying on them, the company immediately launched a federal complaint against ViSalus in the state of Utah, accusing them of extortion, intimidation, and hacking. Initially, ViSalus contended that its opponent had not presented sufficient proof to substantiate its claims; nonetheless, the company ultimately settled the litigation on terms that were not disclosed.

The executives at ViSalus did not respond to inquiries asking for a response. Reuters’ messages to Blair, who was not mentioned as a defendant in the claim, were marked as “seen” but were not responded to by Blair. The certified letters delivered to his business and his residence in Los Angeles went unanswered.

The settlement did not completely resolve the matter. When the Federal Bureau of Investigation found out about the hacking, investigators went to Pacileo’s and Moser’s residences and searched them thoroughly in February of 2015. Both eventually entered guilty pleas to charges of committing computer crimes in connection with the intrusions on Ocean Avenue.

The convictions put an end to Moser’s investigation firm and destroyed Pacileo’s career in the security industry.

For Gupta, this was only the beginning of the journey. Over the course of the following decade, he and a select group of his Indian colleagues created an underground hacking operation that would become a hub for private investigators such as Moser, who sought advantage of clients who were engaged in legal disputes.

Gupta, who was also charged with hacking in the criminal case that was being investigated in California, was never arrested by authorities in the United States.

Since the year 2020, when he assured Reuters that, despite having worked with private investigators in the past, “I have not done all these attacks,” Reuters has not been able to get in touch with him. Recent efforts to speak with or locate him were fruitless, but we will keep trying.

Reuters, along with other media outlets and cybersecurity researchers, have reported on various aspects of the Gupta organization’s operations in the past. But the extent of his engagement in court proceedings and the part played by a larger network of Indian hackers are being exposed for the first time in this article.

According to three persons who have been informed of the case, the FBI has been investigating the Indian hacking binge since at least the beginning of 2018 to uncover who, in addition to Moser, recruited Gupta’s gang to go after American targets. The FBI did not wish to comment on the matter.

The email trove offers a shocking insight into how cyber mercenaries target lawyers and their clients, but it does not resolve all of the questions that have been raised as a result of this examination. The list does not reveal, for instance, who was responsible for hiring the spies, and it was not always obvious whether or not the hacking was successful or, if it was, how the information that was taken was put to use.