Google Blocked Dozens of Domains Owned by Hacker Mercenaries

Written by Emma Davis

The Google Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites that hired hackers used to attack targets around the world.

As a reminder, we also reported that Microsoft Stops Seventeen Domains that Used Homoglyphs for Attacks, and that Microsoft took control of 50 domains of the Thallium group.

Unlike commercial spyware vendors, whose products are used by customers for their own attacks, hackers for hire are directly involved in the attacks and are usually employed by the companies that offer such services.

As a rule, the services of hacker mercenaries are sought by clients who lack the skills themselves or who need to hide their identity in case an attack is detected and studied.

As a result, mercenary groups are used to attack individuals or organizations for data theft and corporate espionage, and their victims are often politicians, journalists, human rights activists and political activists around the world.

"The range of goals in such campaigns differs from the operations of government hackers, who usually have well-defined missions and goals. For example, a recent recruitment campaign by an Indian hacker operator targeted an IT company in Cyprus, an educational institution in Nigeria, a fintech company in the Balkans, and a trading company in Israel," TAG experts say.

Currently, Google TAG analysts track several hacker-for-hire firms (and their companies) in various countries, including India, Russia, and the UAE. For example, experts say a group of hired cyberspies from India, linked to offensive security vendors Appin and Belltrox, recently launched a phishing campaign aimed at stealing credentials in the government, healthcare and telecommunications sectors of Saudi Arabia, the UAE and Bahrain.

Another group of hacker mercenaries, Void Balaur, has been linked to phishing attacks against journalists, politicians and various non-governmental and non-profit organizations across Europe (including Russia).

Figure: Void Balaur pricing

Another hacker team based in the UAE and associated with the developers of H-Worm is mainly focused on attacks on government and educational institutions, as well as political organizations in the Middle East and North Africa.

"As part of our anti-malware efforts, we are using the results of our research to improve the security of our products. Once discovered, all identified sites and domains were added to Safe Browsing to protect users from further harm. In addition, our cybercrime investigation team shares relevant information and indicators of compromise with law enforcement," the experts say.

Google TAG experts have published a complete list of malicious domains that were blocked after investigating the activities of the mentioned hack groups from India, Russia and the UAE.


About the author

Emma Davis

I'm a writer and content manager (a short time ago I completed a bachelor's degree in Marketing from Gustavus Adolphus College). For now, I have a deep drive to study cyber security.
