Google has added dozens of new domains to its blacklist, closing the door to many hacking groups around the world.
In a new blog post (opens in a new tab) published on Google's Threat Analysis Group (TAG) page, the department's director, Shane Huntley, said he has been monitoring numerous hacking-for-hire groups since 2012. And today, 37 new domains and websites have been added to its Safe Browsing feature.
These domains, which include the likes of myproject-loginstore, email-goolgecom, or rnanage-icloudcom, have been split into three separate categories: United Arab Emirates, India, and Russia groups.
Sensitization
Google encourages all users, especially high-level individuals considered high-risk, to enable Advanced Protection and Enhanced Safe Browsing at the Google account level, and to ensure that all of your endpoints (opens in a new tab) are up to date.
The company's cybercrime investigation group, Huntley explained, shares relevant details and indicators with law enforcement.
"TAG is committed to sharing our findings to raise awareness in the security community, as well as businesses and individuals who may have been attacked," Huntley said in the blog post. "We hope that a better understanding of the tactics and techniques will improve threat hunting capabilities and lead to better user protection across the industry."
Hacking-for-hire groups employ a variety of tactics in their operations, Google has found, with social engineering and phishing remaining the most popular ways to gain access and deploy second-stage malware (opens in a new tab). Depending on their location, they will target different groups and businesses, from government agencies and journalists to NGOs and organizations in the health and telecommunications sectors.
In some cases, Google noted, Indian hacking companies will work with third-party private investigation services as intermediaries to provide data. In other cases, they will employ freelancers who are not direct employees of the target companies themselves.
The full list of group domains that Google considers to be malicious can be viewed here (opens in a new tab).