Thursday, November 28, 2024
HomeHacksVoid Balaur - Hacker-for-Hire Group Stealing Emails & Sensitive Data From More...

Void Balaur – Hacker-for-Hire Group Stealing Emails & Sensitive Data From More Than 3,500 Targets

Published on

Cybersecurity researchers at TrendMicro security firm have recently administered a very comprehensive insight into a productive hacking group operating as Hacker-for-Hire has targeted nearly 3500 individuals and corporations to steal their emails and highly-sensitive data.

This group has been implementing its attack since 2015, and after knowing about the attack, the senior researcher Feike Hacquebord of Trend Micro has implemented all the key details of the activities of the group, and later he named the attack “Void Balaur.”

Wide Range of Services & Targets

The hacking group of Void Balaur has been targeting different victims since 2015, but its initial report was disclosed from September 2017.

- Advertisement - SIEM as a Service

The Void Balaur has paid ads that were initially started to appear in 2018 on Russian-speaking forums like:-

  • Darkmoney
  • Probiv
  • Tenec
  • Dublikat

Moreover, in 2019, the group’s services increased their shell as they started to sell all the delicate data of Russian individuals, and the price starts from $21 and $124.

Data that were available for sale:-

  • Passport and flight information
  • Traffic camera snapshots
  • Traffic police data (fines, car registration)
  • Weapon registration
  • Criminal records
  • Credit history
  • Bank account balance and statements
  • Tax service records

A Comprehensive List of Victims

Here, the hackers have initiated attacks on the following entities:-

  • Human rights activists
  • Journalists
  • Media websites
  • Websites that broadcast political news

Void Balaur is not opposed to going after more high-profile targets, as recently the group has also propelled attacks on the former head of an intelligence agency, active government ministers, members of the national parliament in an Eastern European country, and even presidential candidates as well.

Recommendations

Here are some of the best practices that will surely help you to mitigate the consequence of an attack, not only this but it will also prevent an attack from being successful:-

  • Initially, select email providers that prioritize security and have extreme security protocols.
  • Always prefer Two-factor authentication (2FA) while email and social media accounts, rather than by using apps or devices especially produced for 2FA.
  • Assure that apps that are being used to convey sensitive data must have end-to-end encryption for communications.
  • Remember to delete older messages to reduce the chance of sensitive data ending up in the hands of malicious elements. 
  • Use drive encryption for every machine.
  • Switch off both work and personal machines that collect important data when not in use.
  • Estimate the use of encryption systems for communication that include delicate information or dialogue.

Following all these mitigations will surely help to stop this kind of attack, and the impact of such attacks are quite impactful, so, that’s why it is very important for the organizations to follow all the mitigations properly.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Why the MITRE ATT&CK Evaluation Is Essential for Security Leaders

In today’s dynamic threat landscape, security leaders are under constant pressure to make informed...

Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection

The xattr command in Unix-like systems allows for the embedding of hidden metadata within...

ProjectSend Authentication Vulnerability Exploited in the Wild

ProjectSend, an open-source file-sharing web application, has become a target of active exploitation following...

NVIDIA UFM Vulnerability Leads to Privilege Escalation & Data Tampering

NVIDIA has released a critical security update addressing a significant vulnerability in its Unified...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection

The xattr command in Unix-like systems allows for the embedding of hidden metadata within...

Junior School Student Indicted for Infecting Computers With Malware

Fukui Prefectural Police have indicted a 15-year-old junior high school student from Saitama Prefecture...

Beware Of SpyLoan Apps Exploits Social Engineering To Steal User Data

SpyLoan apps, a type of PUP, are rapidly increasing, exploiting social engineering to deceive...