Google Blocked Dozens of Domains Owned by Hacker Mercenaries

The Google Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites that were used by hired hackers to attack around the world.

Unlike commercial spyware vendors, whose products are used by customers for their own attacks, hackers for hire are directly involved in the attacks and are usually hired by the companies that offer such services.

As a rule, the services of hacker mercenaries are needed by those clients who do not have their own skills or need to hide their identity, in case of an attack they will be detected and studied.

As a result, mercenary groups are used to attack individuals or organizations, to steal data and corporate espionage, and often politicians, journalists, human rights activists and political activists around the world become their victims.

Currently, Google TAG analysts track several hacker hire firms (and their companies) in various countries, including India, Russia, and the UAE. For example, experts say a group of hired cyberspies from India, linked to offensive security vendors Appin and Belltrox, recently launched a phishing campaign aimed at stealing credentials in the governmental, healthcare and telecommunications sectors of Saudi Arabia, the UAE and Bahrain.

Another group of hacker mercenaries, Void Balaur, has been linked to phishing attacks against journalists, politicians and various non-governmental and non-profit organizations across Europe (including Russia).

Void Balaur Pricing

Another hacker team based in the UAE and associated with the developers of H-Worm is mainly focused on attacks on government and educational institutions, as well as political organizations in the Middle East and North Africa.

Google TAG experts have published a complete list of malicious domains that were blocked after investigating the activities of the mentioned hack groups from India, Russia and the UAE.