“What stuck out during this investigation was the breadth of targeting, which also included individuals that had no affiliation with the selected organizations, and appeared to be regular, everyday citizens in Russia and surrounding countries,” said Huntley. Over the past five years, researchers said they observed the group targeting accounts at major webmail providers including Gmail, Hotmail, and Yahoo!, as well as regional webmail providers like abv.bg,, inbox.lv, and UKR.net. Researchers highlighted a previously known Russian hack-for-hire group called Void Balaur that has targeted journalists, politicians and various NGOs and non-profit organizations in and around Europe, including a prominent Russian anti-corruption journalist hit by a 2017 credential phishing campaign. “A recent campaign from an Indian hack-for-hire operator was observed targeting an IT company in Cyprus, an education institution in Nigeria, a fintech company in the Balkans and a shopping company in Israel.” “The breadth of targets in hack-for-hire campaigns stands in contrast to many government-backed operations, which often have a clearer delineation of mission and targets,” said Shane Huntley, director of the threat analysis group with Google, in a Thursday analysis. Rather than selling services that end users must then operate, as commercial surveillance vendors do, hack-for-hire operators conduct the attacks themselves on behalf of organizations or individuals who might lack the capabilities to do so on their own, typically leveraging known vulnerabilities in order to compromise targets’ accounts with the end goal of exfiltrating sensitive data. These hack-for-hire companies have been steadily increasing over the past few years, according to an October report by the United Nations Office of High Commissioner for Human Rights. These hack-for-hire firms have been targeting a range of accounts, including Gmail and AWS accounts, in order to carry out corporate espionage attacks against firms, as well as campaigns that target human rights and political activists, journalists and other high-risk users worldwide. The feature blocks dangerous websites and gives users a warning notification when they attempt to navigate to the site. Google has applied its Safe Browsing protection feature to more than 30 domains linked to several hack-for-hire operations.
0 kommentar(er)
