Categories: News

Google tracks more than 270 state-backed threat actors

Google’s Threat Analysis Group (TAG) announced they are currently tracking more than 270 state-backed threat actors from over 50 countries. They have alerted their customers of more than 50,000 attempted of state-sponsored phishing or malware attempts, in 2021.

Russian and Iranian threat actors

So, Google’s blog post discusses how the internet giant has seen a 33 percent increase in warnings from 2020. The increase came mainly from an unusually large campaign which Russian actors launched. These actors are known as APT28 or Fancy Bear.

Google revealed revealed this week that it disrupted a number of campaigns by Iranian state-sponsored attackers, too. This also included one aimed at journalists, professors, and think tanks. The Iranian group, tracked as APT35, called this “Operation SpoofedScholars.” Apparently, its aim was to ask for sensitive information. So, the attackers masqueraded as scholars with the University of London’s School of Oriental and African Studies (SOAS).

Proofpoint documented an attack

The enterprise security firm, Proofpoint was first to document the large-scale attack occurred in July 2021. The attackers managed to carried out by uploading a spyware-infested VPN app to the Google Play Store. When installed, this app could extract sensitive information from the device, such as call logs, text messages, contacts, and location data.

The threat actor sent “non-malicious first contact email messages” to high-profile individuals as part of a phishing campaign. Their goal was to have unsuspecting victims visit rogue websites.

“For years, this group has hijacked accounts, deployed malware, and used novel techniques to conduct espionage aligned with the interests of the Iranian government,” Google TAG’s Ajax Bash said.

The interest of the state-backed actors seems to increase in this kind of attacks. More than one year ago, the NSA teamed with of NCSC, CSE, DHS CISA and issued an advisory regarding the activity of a Russian Intelligence Service group. This one received the name “CozyBear” APT29 or “The Dukes”.

Laurentiu Titei

Recent Posts

Best SQL Server Management Tool

If you are looking for server-based tools for database management using SQL, you can take…

4 days ago

Best Open-Source Vulnerability Scanners & Tools

If you want to ascertain the most vulnerable files, areas, and sectors in your data,…

1 week ago

How to Remove Annoying Ads in Chrome

If you are also bothered by the ever-appearing and non-disappearing ads on the Google Chrome…

2 weeks ago

Best Data Recovery Software for Windows

If you have lost some precious data on your Windows PC due to any reason,…

3 weeks ago

How to Fix High Memory Usage in Windows 11

This article explains the quickest and easiest fixes for Windows 11 high RAM memory usage. …

3 weeks ago

Best Debugging Tools to Use in 2024

You can read this article to learn more about the best tools for debugging to…

4 weeks ago