- 5 easy ways to transfer photos from your Android device to your Windows PC
- How to get Google's new Pixel 9a for free
- Just installed iOS 18.4? Changing these 3 features made my iPhone much better to use
- 7 strategic insights business and IT leaders need for AI transformation in 2025
- The most underrated robot vacuum I've ever tested is now 60% off
Cyber Mercenary Group Void Balaur Continues Hack-For-Hire Campaigns
The cyber mercenary group, Void Balaur, continues expanding its hack–for–hire campaigns despite disruptions to its online advertising personas.
The new information comes from cybersecurity experts at SentinelLabs, who recently published an advisory detailing Void Balaur’s latest campaigns.
Written by senior threat researcher Tom Hegel, the document discusses the findings that SentinelLabs first unveiled at its LABScon event on Thursday.
“Void Balaur was first reported in 2019 (eQualitie), then again in 2020 (Amnesty International). In November 2021, our colleagues at Trend Micro profiled the larger set of malicious activity and named the actor ‘Void Balaur’ based on a monster of Eastern European folklore,” Hegel wrote.
“Most recently Google’s TAG highlighted some of their activity earlier this year. Building on top of analysis from each of our above colleagues, the purpose here is to share our analysis of interesting findings based on newer activity and the large scale set of attacker infrastructure.”
According to the advisory, Void Balaur campaigns in 2022 targeted several industries across the United States, Russia and Ukraine (among others), often with particular business or political interests tied to Russia.
The link would be reinforced by the fact that SentinelLabs spotted a “unique and short–lived connection” between the group’s infrastructure and the Russian Federal Protective Service (FSO).
“Attacks are often very generic in theme, may appear opportunistic in nature, and account for targets making use of multi–factor authentication,” Hegel explained.
Further, the group regularly tries to gain access to well–known email services, social media and instant messaging platforms and corporate accounts.
“Void Balaur remains a highly active and evolving threat to individuals across the globe,” SentinelLabs wrote.
“From the targeting of well–known email services to the offering of hacking corporate networks, the group represents a clear example of the hack–for–hire market. We expect this type of actor to be increasingly common to observe in the wild.”
The advisory comes months after HP released a report detailing how malware–as–a–service (MaaS) is creating a new cybercrime ecosystem.
