Hacker-For-Hire Operation Targets Politicians, Journalists Worldwide


A Diverse Set of Services

Void Balaur’s services include hacking into targets’ emails and social media accounts. As of March 2021, the prices for these services started at $138 for Mail.ru accounts, going up to $550 for Gmail accounts, $413 for corporate accounts and all the way up to $2,064 for Telegram accounts. The threat group also sells the sensitive data of its targets, including passport details and SMS messages. For individual victims this type of data could be extremely specific, such as criminal records (with a price tag starting at $21), banking service data (like account balance and account statements) and phone call records with cell tower locations (offered for $826).

“The telecom data that Void Balaur is peddling includes phone call records with cell tower locations that could reveal who a person has been calling, the duration of the calls, and the approximate location where the calls were made,” according to researchers. “Knowledge of these details could serve several purposes, including committing serious crimes.”

The threat group also appears to target many organizations that are likely to have access to highly sensitive data on people, including mobile companies and cellular equipment vendors, radio and satellite communication companies and ATM vendors. Researchers believe this may indicate a future expansion of the group’s current business offerings as it continues to collect more widespread information.

The threat group uses malware against targeted victims, including ZStealer, which steals credentials from instant messaging software, File Transfer Protocol (FTP) and Secure Shell (SSH) software, various email clients and browsers. The malware can also steal cryptocurrency wallets for Electrum, MultiBit and Terracoin, which fits into a smaller effort by the cybercriminals to access wallets of various cryptocurrency exchange services since at least 2018, said researchers. The group also leverages DroidWatcher, Android malware with several functions, such as transferring incoming and outgoing SMS and phone call logs, recording phone calls and triggering automatic silent updates to victim devices.


