Malicious domains owned by hired hackers get blocked by Google

July 5, 2022

The prevalence of hack-for-hire campaigns worldwide has forced Google to block several malicious domains and websites used to attack targets across the world. Clients employ these hired hackers to carry out cyberattacks, such as hacking or spying, on a targeted victim. The clients also use these services to conceal their own involvement if the authorities detect the malicious activity.

Some of the hired hackers’ past victims include government officials, journalists, activists, and other high-risk individuals. According to researchers, most attack tactics used against these victims are data theft and cyber espionage campaigns.

For instance, a hack-for-hire operator from India was recently found striking an IT firm in Cyprus, a university in Nigeria, a supermarket firm in Israel, and a fintech firm in the Balkans.

Google’s Threat Analysis Group (TAG) had been tracking numerous malicious domains that hired hackers run in their campaigns, including hackers from countries such as India, Russia, and the UAE.

Other examples of malicious groups that Google found are Appin Indore and BellTroX from India, which have operated phishing campaigns against government organisations, healthcare institutions, and telco service providers in Saudi Arabia, the UAE, and Bahrain.

Google had also tracked the activities of a notorious hack-for-hire group in Russia named Void Balaur that attacked politicians, NGOs, and journalists across Europe.

Google’s researchers also identified UAE-based hired hackers attacking universities, government, and political groups in North America and the Middle East.

Google’s TAG explained that the results of its efforts in tracking down the malicious actors allowed it to block the actors’ infrastructure, ensuring the safety of users against the threats posed by those dangerous domains.

The research team also advised users, especially organisations at high risk of cyberattacks, to enable Google’s Advanced Protection feature and Account Level Enhanced Safe Browsing. The firm had also collaborated with law enforcement agencies for a more in-depth investigation of these cases.
