Monday, November 4, 2024
HomeHacksVoid Balaur - Hacker-for-Hire Group Stealing Emails & Sensitive Data From More...

Void Balaur – Hacker-for-Hire Group Stealing Emails & Sensitive Data From More Than 3,500 Targets

Published on

Malware protection

Cybersecurity researchers at TrendMicro security firm have recently administered a very comprehensive insight into a productive hacking group operating as Hacker-for-Hire has targeted nearly 3500 individuals and corporations to steal their emails and highly-sensitive data.

This group has been implementing its attack since 2015, and after knowing about the attack, the senior researcher Feike Hacquebord of Trend Micro has implemented all the key details of the activities of the group, and later he named the attack “Void Balaur.”

Wide Range of Services & Targets

The hacking group of Void Balaur has been targeting different victims since 2015, but its initial report was disclosed from September 2017.

- Advertisement - SIEM as a Service

The Void Balaur has paid ads that were initially started to appear in 2018 on Russian-speaking forums like:-

  • Darkmoney
  • Probiv
  • Tenec
  • Dublikat

Moreover, in 2019, the group’s services increased their shell as they started to sell all the delicate data of Russian individuals, and the price starts from $21 and $124.

Data that were available for sale:-

  • Passport and flight information
  • Traffic camera snapshots
  • Traffic police data (fines, car registration)
  • Weapon registration
  • Criminal records
  • Credit history
  • Bank account balance and statements
  • Tax service records

A Comprehensive List of Victims

Here, the hackers have initiated attacks on the following entities:-

  • Human rights activists
  • Journalists
  • Media websites
  • Websites that broadcast political news

Void Balaur is not opposed to going after more high-profile targets, as recently the group has also propelled attacks on the former head of an intelligence agency, active government ministers, members of the national parliament in an Eastern European country, and even presidential candidates as well.

Recommendations

Here are some of the best practices that will surely help you to mitigate the consequence of an attack, not only this but it will also prevent an attack from being successful:-

  • Initially, select email providers that prioritize security and have extreme security protocols.
  • Always prefer Two-factor authentication (2FA) while email and social media accounts, rather than by using apps or devices especially produced for 2FA.
  • Assure that apps that are being used to convey sensitive data must have end-to-end encryption for communications.
  • Remember to delete older messages to reduce the chance of sensitive data ending up in the hands of malicious elements. 
  • Use drive encryption for every machine.
  • Switch off both work and personal machines that collect important data when not in use.
  • Estimate the use of encryption systems for communication that include delicate information or dialogue.

Following all these mitigations will surely help to stop this kind of attack, and the impact of such attacks are quite impactful, so, that’s why it is very important for the organizations to follow all the mitigations properly.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy...

Russian Hackers Attacking Ukraine Military With Malware Via Telegram

Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named "Civil Defense....

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...