Researchers Uncover Prolific Hacker-for-Hire Group
Trend Micro has revealed details of a new Russian-speaking cyber-mercenary group responsible for at least 3500 victims over the past six years.
Dubbed “Void Balaur” after an evil creature from Eastern European folklore, the group goes by the name “Rockethack” on underground Russian-language forums, where it has been advertising since 2018 to 100% positive reviews.
According to Trend Micro’s report on the outfit, it focuses on compromising email and social media accounts and selling sensitive personal and financial information, including telco data, passenger flight records, banking data and passport details.
Its global targets range from Russian telcos to ATM vendors, financial services firms, medical insurers and IVF clinics. These organizations are selected because they store lucrative personal and corporate information that can be sold at a relatively high price. The group charges over $800 for phone call records with cell tower locations, for example.
However, Void Balaur also targets journalists, human rights activists, politicians, scientists, doctors, telco engineers and cryptocurrency users.
Some of these overlap with individuals targeted by the notorious Kremlin-backed Pawn Storm group (APT28, Fancy Bear), although it’s not thought the two groups are otherwise connected.
According to Trend