Researchers determine ‘cybermercenary’ group behind dozens of hacks | Engadget

Hacking teams aren’t all the time divided between state sponsorship and strictly private achieve. Sometimes, they will work for any buyer with a large-enough checking account. The Record reports that Trend Micro has identified Void Balaur, a “cybermercenary” group that has struck each political and industrial targets since 2015. It primarily steals knowledge to promote to whoever’s prepared to pay, whether or not that is a authorities or a fraudster.

Void Balaur was initially linked to assaults towards human rights activists and journalists in Uzbekistan. More lately, it attacked Belarusian presidential candidates in 2020 and a number of other political leaders in an unnamed Eastern European nation. However, the hacking outfit additionally focused executives and administrators at a really massive Russian firm between 2020 and 2021, and has been attacking and promoting knowledge from telecoms, banks and cryptocurrency customers. The group has been linked to the on-demand hacking website RocketHack.me.

It’s not clear simply the place Void Balaur operates from, or whether or not it has official authorities help. There’s some overlap between Void’s targets and people of the Russia-backed APT28 (aka Fancy Bear or Pawn Storm), however not sufficient to determine a transparent hyperlink. And whereas the group has solely ever marketed its providers on Russian-language websites, it isn’t essentially working from Russia. We’d add that Russia often turns a blind eye to cybercriminals solely as long as they do not assault Russian pursuits — Void would not have issues attacking Russian companies.

The research illustrates the problem in pinpointing the character of some hackers, not to mention catching them. Cybermercenaries additionally pose a very extreme risk as they’re typically pleased to assault any goal with out reservations. It will not be shocking if there are extra teams like Void Balaur which have merely gone undetected.