> since they're an open-source intel group, anyone can verify everything they've found
This is a common misconception; to properly verify their investigative work (not just the specific findings), you also have to know what they possibly found and didn't show. That basically means replicating their work, and being more informed about their subjects than themselves.
Meh.. That would impact things they didn't publish -- But for the work they publish, the contra findings aren't really relevant.
E.g. for the MH17 investigation where they disprove many of the lies from the Kremlin and decisively identify the specific BUK system used, the route it took, who was at command and their specific role within the Russian MoD all via open sources, social media, etc: https://www.bellingcat.com/wp-content/uploads/2017/07/mh17-3...
The Russian government made many claims after MH17 was shot down, some attributing the anti-aircraft attack to Ukraine and some categorically denying their involvement. Bellingcat with their supporters gathered tons of evidence that shows dispositive proof which contradicts both sides of the Russian story. It's common knowledge now that the Russians carried out the attack and Bellingcat is largely to thank for that being public -- I'm sure various security services were performing their own attribution work, but it's nice to have plain reading material to prove so.
This is a common misconception; to properly verify their investigative work (not just the specific findings), you also have to know what they possibly found and didn't show. That basically means replicating their work, and being more informed about their subjects than themselves.