by Ravie Lakshmanan at The Hacker News
A new cyber mercenary hacker-for-hire group dubbed “Void Balaur” has been linked to a string of cyberespionage and data theft activities targeting thousands of entities as well as human rights activists, politicians, and government officials around the world at least since 2015 for financial gain while lurking in the shadows.
Named after a many-headed dragon from Romanian folklore, the adversary has been unmasked advertising its services in Russian-speaking underground forums dating all the way back to 2017 and selling troves of sensitive information such as cell tower phone logs, passenger flight records, credit reports, banking data, SMS messages, and passport details. The threat actor calls itself “Rockethack.”
“This hacker-for-hire group does not operate out of a physical building, nor does it have a shiny prospectus that describes its services,” Trend Micro researcher Feike Hacquebord said in a newly published profile of the collective.
“The group does not try to wriggle out of a difficult position by justifying its business, nor is it involved in lawsuits against anybody attempting to report on their activities. Instead, this group is quite open about what it does: breaking into email accounts and social media accounts for money,” Hacquebord added.
Besides gaining near unanimous positive reviews on the forums for its ability to offer quality information, Void Balaur is also believed to have focused on cryptocurrency exchanges by creating numerous phishing sites to trick cryptocurrency exchange users in order to gain unauthorized access to their wallets. What’s more, the campaigns have involved the deployment of information stealers and Android spyware such as Z*Stealer and DroidWatcher against its targets.
Void Balaur’s intrusion set has been observed deployed against a wide range of individuals and entities, including journalists, human rights activists, politicians, scientists, doctors working in IVF clinics, genomics and biotechnology companies, and telecom engineers. Trend Micro said it unearthed over 3,500 email addresses the group set its aim on….
Continue Reading