"Google Blocked Dozens of Domains Used by Hack-For-Hire Groups"
A large number of malicious domains and websites used by hack-for-hire groups against high-risk organizations around the world have been blocked by Google's Threat Analysis Group (TAG). Hack-for-hire operators are directly involved in attacks and are typically employed by a company providing such services, in contrast to commercial surveillance vendors whose products are deployed in attacks by clients. They may occasionally engage as "freelance" threat actors. Clients who lack these talents or who wish to remain anonymous in the event that the attacks are discovered and detected, employ them for their hacking abilities. Hack-for-hire groups go after individuals and organizations in data theft and corporate espionage campaigns, with past victims including politicians, journalists, human rights and political activists, and other high-risk users globally. In contrast to many government-backed operations, which often have a clearer delineation of mission and targets, hack-for-hire campaigns have a broader range of targets. For example, an Indian hack-for-hire operator was recently observed targeting an IT company in Cyprus, an education institution in Nigeria, a fintech company in the Balkans, and an Israeli shopping company. Google TAG is currently tracking multiple hack-for-hire firms and their campaigns in several countries, including India, Russia, and the United Arab Emirates. This article continues to discuss hack-for-hire groups and the recent takedown of domains used by such groups.
Bleeping Computer reports "Google Blocked Dozens of Domains Used by Hack-For-Hire Groups"