Google has added dozens of new domains to its blacklist, closing the door to many hacking groups around the world.
In a new blog post (opens in a new tab) published on Google's Threat Analysis Group (TAG) page, the department's director, Shane Huntley, said he has been monitoring numerous hacking-for-hire groups since 2012. And today, 37 new domains and websites have been added to its Safe Browsing feature.
These domains, which include the likes of myproject-login[.]store, mail-goolge[.]com, or rnanage-icloud[.]com, have been divided into three separate categories: groups from the United Arab Emirates, India, and Russia.
Sensitization
Google encourages all users, especially high-level individuals considered high-risk, to enable Advanced Protection and Enhanced Safe Browsing at the Google account level, and to ensure that all of your endpoints (opens in a new tab) are up to date.
The company's cybercrime investigation group, Huntley explained, shares relevant details and indicators with law enforcement.
"TAG is committed to sharing our findings to raise awareness in the security community, as well as businesses and individuals who may have been targeted," Huntley said in the blog post. "We hope that a better understanding of tactics and techniques will improve threat hunting capabilities and lead to better user protection across the industry."
Hacking-for-hire groups employ a variety of tactics in their operations, Google has found, with social engineering and phishing remaining the most popular ways to gain access and deploy second-stage malware (opens in a new tab). Depending on their location, they will target different groups and businesses, from government agencies and journalists to NGOs and organizations in the health and telecommunications sectors.
In some cases, Google noted, Indian hacking companies will work with third-party private investigation services as intermediaries to provide data. In other cases, they will employ freelancers who are not direct employees of the target companies themselves.
The full list of group domains that Google considers to be malicious can be viewed here (opens in a new tab).
