Security News > 2021 > October > Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
Google's Threat Analysis Group on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021.
Google said it disrupted a number of campaigns mounted by an Iranian state-sponsored attacker group tracked as APT35, including a sophisticated social engineering attack dubbed "Operation SpoofedScholars" aimed at think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies.
Details of the attack were first publicly documented by enterprise security firm Proofpoint in July 2021.
Other past attacks involved the use of a spyware-infested VPN app uploaded to the Google Play Store that, when installed, could be leveraged to siphon sensitive information such as call logs, text messages, contacts, and location data from the infected devices.
An unusual tactic adopted by APT35 concerned the use of Telegram to notify the attackers when phishing sites under their control have been visited in real-time via malicious JavaScript embedded into the pages.
The threat actor is also said to have impersonated policy officials by sending "Non-malicious first contact email messages" modeled around the Munich Security and Think-20 Italy conferences as part of a phishing campaign to lure high-profile individuals into visiting rogue websites.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/JgKmNXMlZiI/google-were-tracking-270-state.html