Sneaky groups do not always split up government support and personal gain. In some cases, they work for every customer who has a large bank account. History reports what Trend Micro has known Void Balaur, a “cybermercenary” group that has been pursuing political and commercial goals since 2015. It steals data to sell to anyone who wants to pay, whether government or fraud.
Void Balaur was previously linked to the civil rights movement in Uzbekistan. Recently, it attacked aspirants for the presidency of Belarus in 2020 and several political leaders in an unnamed country in Eastern Europe. However, the racket also targeted executives and directors at Russia’s largest company between 2020 and 2021, and they have been attacking and selling data from telecoms, banks and cryptocurrency users. The group was linked to the RocketHack.me scam.
It is not known where Void Balaur works, or whether it has government support. There is a link between Void’s intentions and those of the Russian-based APT28 (aka Fancy Bear or Pawn Storm), but not enough to set up a clear link. And even though the group has just announced its activities on the Russian language page, it is not working from Russia. We can add that Russia often monitors criminals only if they do not attack Russia’s interests – Void has no problem attacking Russian businesses.
This study highlights the obvious disadvantages of some robbers, without stopping to catch them. Cybermercenaries are also at high risk because they are usually happy to attack anything without reservation. It would not be surprising if there were many groups like Void Balaur who did not appear.
All sales supported by Engadget are selected by our writing team, independent of our parent company. Some of our articles include links to links. When you purchase something through one of these links, we may be able to find a partner.
Source link
