More and more hacker groups are launching ‘to order’ attacks or selling their hacking techniques. Who are the customers?


2021-04-22 00:08:44

Today’s cyber-attacks and cybercriminals have become so sophisticated, skillful and professional that hacking techniques can now be sold as high-priced goods, and there is no shortage of buyers.

More and more hacker organizations (often independent) publicly sell hacking techniques they have developed, or carry out on-demand hacking campaigns to reap great profits. Notably, their customers are government agencies and organizations of many countries around the world. In other words, many countries tend to “buy” or “hire” hacking techniques from the “black market” and use them to carry out attacks more effectively, with the assurance that all traces of their involvement are perfectly concealed.

A new report by cybersecurity researchers at BlackBerry warns that the emergence of sophisticated cybercrime schemes means that nations increasingly have the option of working with hacker groups to launch attacks “to order”. Alternatively, if necessary, governments can acquire the hacking techniques of these independent hacker groups and develop their own attack plans.

This “to order” type of cyber attack is often associated with malicious campaigns such as phishing, malware distribution or cyber espionage. The hackers get the money, while the country that hires them gets the data, access or destructive outcome it requested.

“The sophistication and anonymity of malicious activities in today’s ‘crimeware-as-a-service’ offerings enable countries to effectively hide their malicious behavior in cyberspace behind third-party organizations. From there, all related allegations can be easily denied,” BlackBerry’s 2021 Threat Report said.

Researchers point to the existence of large-scale hacking operations like Bahamut as an example of how sophisticated cybercrime campaigns have become. Bahamut is a malicious campaign discovered by BlackBerry last year. This campaign uses a combination of phishing, social engineering, malicious applications, custom malware, and zero-day attacks to target a wide range of government organizations and even private individuals around the world. Bahamut had been running for years before it was discovered.

After analyzing this campaign, the researchers concluded that “the victims’ profiles and geographical locations are too diverse for the purposes of an independent hacker group”. In other words, Bahamut is an “order-by-order” campaign carried out on behalf of different parties, with a high likelihood that governments of multiple countries are involved.

In the end, the attack was discovered and the culprit was identified as Bahamut, an independent hacker organization. That is all. While there are clear indications that Bahamut does not really have the incentive to carry out such a broad campaign, there is no specific clue to the involvement of the “donors” behind it.

In fact, identifying the actors involved in a malicious campaign is a real challenge for security researchers. This stems from a few factors, such as overlapping infrastructure, different targeting, and unusual tactics. It is especially true when only part of the campaign is outsourced.

Bahamut has continued to be active since it was first discovered last year, with campaigns targeting multiple government agencies involved in foreign and defense affairs across the Middle East. The group has also launched a series of other sub-operations against targets in Southeast Asia, focusing specifically on smartphone-based attacks.

In short, the war in the world of cybersecurity has been, is, and will be more complicated than ever. The only way for countries, organizations, and individuals to cope is to raise security awareness and build defensive systems that keep them from being caught in a passive position in any situation.

