"Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities"

A hack-for-hire group that was first revealed in 2019 has broadened its target list to include entities with business or political ties to Russia. Since 2015, the cyber mercenary collective known as Void Balaur has launched cyberattacks against biotechnology and telecommunications companies. As of November 2021, 3,500 victims had been reported. According to Trend Micro, Void Balaur primarily engages in cyber espionage and data theft, selling stolen information to anyone willing to pay. The group's attacks are typically both generic and opportunistic in nature, with the goal of gaining unauthorized access to widely used email services, social media, messaging, and corporate accounts. Earlier this June, Google's Threat Analysis Group (TAG) revealed a series of credential theft attacks carried out by the threat actor against journalists, European politicians, and non-profit organizations. According to SentinelOne researcher Tom Hegel, Void Balaur also seeks targets useful for prepositioning or facilitating future attacks. The targets include Russia, the US, the UK, Taiwan, Brazil, Kazakhstan, Ukraine, Moldova, Georgia, Spain, the Central African Republic, and Sudan. The group's hack-for-hire service is said to be advertised under various personas, including Hacknet and RocketHack. Other services provided by the operators over the years include remote access to devices, SMS records, and real-time location tracking. Furthermore, Void Balaur's attack infrastructure includes over 5,000 unique domains claiming to be email websites, authentication services, and public services portals. This article continues to discuss the hack-for-hire group Void Balaur expanding its targets. 

THN reports "Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities"