Researchers say new group of Russian cyber mercenaries targets 'a mixed bag' — including on its home soil

Written by
Nov 10, 2021 | CYBERSCOOP

Trend Micro said on Wednesday it has discovered a new Russian-language cyber mercenary group that has been going after targets ranging from Russian businesses to journalists and politicians.

Researchers discovered the group after a long-time target of the Russian intelligence-connected hacking group Pawn Storm, also known as Fancy Bear and APT28, reached out in March of 2020 saying his wife had been targeted with phishing emails. Trend Micro found that the indicators didn’t match Pawn Storm and attributed the attacks to another Russian-language group it’s named Void Balaur. Unlike APT28, Void Balaur appears to be an independent group willing to hack into the emails of targets as diverse as aviation companies in Russia to human rights activists in Uzbekistan.

“Their targets are really a mixed bag,” lead researcher Feike Hacquebord said in an interview. “It looks like a lot of different customers are using them and that that matches with our impression that they are actually a cyber mercenary that can just be hired by about anyone.”

Russian hackers, such as ransomware groups, tend to operate with impunity within the region because of a tacit agreement with the Russian government

Read More: https://www.cyberscoop.com/void-balaur-russian-cyber-espionage/