Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
#1
https://thehackernews.com/2021/10/google...state.html        Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
October 14, 2021 Ravie Lakshmanan        Google's Threat Analysis Group (TAG) on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021.

The warnings mark a 33% increase from 2020, the internet giant said, with the spike largely stemming from "blocking an unusually large campaign from a Russian actor known as APT28 or Fancy Bear."

Additionally, Google said it disrupted a number of campaigns mounted by an Iranian state-sponsored attacker group tracked as APT35 (aka Charming Kitten, Phosphorous, or Newscaster), including a sophisticated social engineering attack dubbed "Operation SpoofedScholars" aimed at think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies (SOAS).


Details of the attack were first publicly documented by enterprise security firm Proofpoint in July 2021.

Other past attacks involved the use of a spyware-infested VPN app uploaded to the Google Play Store that, when installed, could be leveraged to siphon sensitive information such as call logs, text messages, contacts, and location data from the infected devices. Furthermore, an unusual tactic adopted by APT35 concerned the use of Telegram to notify the attackers when phishing sites under their control have been visited in real-time via malicious JavaScript embedded into the pages.

The threat actor is also said to have impersonated policy officials by sending "non-malicious first contact email messages" modeled around the Munich Security and Think-20 (T20) Italy conferences as part of a phishing campaign to lure high-profile individuals into visiting rogue websites.

"For years, this group has hijacked accounts, deployed malware, and used novel techniques to conduct espionage aligned with the interests of the Iranian government," Google TAG's Ajax Bash said.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  (Kaspersky ) Top 10 countries with the largest number of threats of selected type mrtrout 0 571 02-04-2023 , 05:43 AM
Last Post: mrtrout
  Google sued by DC and three states for ‘deceptive’ Android location tracking mrtrout 0 762 01-24-2022 , 11:34 PM
Last Post: mrtrout
  Iranian State-sponsored Cybercriminal Hacked Israeli Chief-of-Staff mrtrout 0 782 06-17-2021 , 02:58 AM
Last Post: mrtrout
  Top Countries Threats (Kaspersky) mrtrout 0 742 06-13-2021 , 10:49 PM
Last Post: mrtrout
  At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns Bjyda 0 1,031 03-11-2021 , 10:36 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)