Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Blocked Dozens of Domains Used by Hack-for-hire Groups

Google Blocked Dozens of Domains Used by Hack-for-hire Groups

Google’s Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide.

Unlike commercial surveillance vendors whose tools are deployed in attacks by clients, hack-for-hire operators are directly involved in attacks and are usually employed by a firm offering such services. In some cases, they can also be “freelance” threat actors. 

They’re hired for their hacking skills by clients who lack them or who want to conceal their identity if the attacks are detected and investigated.

Hack-for-hire groups target individuals and organizations in data theft and corporate espionage campaigns, with past victims including politicians, journalists, human rights and political activists, and various other high-risk users from all over the world.

Also Read: Top 10 Data Protection Cases That You Must Know About

“The breadth of targets in hack-for-hire campaigns stands in contrast to many government-backed operations, which often have a clearer delineation of mission and targets,” Google TAG Director Shane Huntley said on Thursday.

“A recent campaign from an Indian hack-for-hire operator was observed targeting an IT company in Cyprus, an education institution in Nigeria, a fintech company in the Balkans and a shopping company in Israel.”

Hack-for-hire campaigns worldwide 

Currently, Google TAG is tracking multiple hack-for-hire firms from several countries and their campaigns, including India, Russia, and the United Arab Emirates. 

For instance, one group of hired spies from India linked to offensive security providers Appin and Belltrox and tracked throughout the last decade has orchestrated credential phishing campaigns against organizations in the government, healthcare, and telecom sectors of Saudi Arabia, the United Arab Emirates (UAE), and Bahrain.

Reuters also reported today that Indian cyber-mercenaries have also tried to hack “at least 75 U.S. and European companies, three dozen advocacy and media groups and numerous Western business executives,” as well as into email inboxes belonging to the targets’ lawyers, “some 1,000 attorneys at 108 different law firms.”

Another hack-for-hire threat actor from Russia (known as Void Balaur) was linked to credential phishing attacks against journalists, politicians, and various NGOs and non-profit organizations across Europe (including Russia).

Void Balaur pricing list
Void Balaur pricing list (Google TAG)

Last but not least, a UAE-based hack-for-hire group linked to H-Worm’s developers and whose activity was also spotted by Amnesty International, has primarily focused its attacks on government, education, and political organizations in the Middle East and North Africa.

Also Read: The NRIC Check Digit Algorithm: Unbelievable facts to know about

“As part of our efforts to combat serious threat actors, we use results of our research to improve the safety and security of our products. Upon discovery, all identified websites and domains were added to Safe Browsing to protect users from further harm.” Huntley added.

“We encourage any high risk user to enable Advanced Protection and Google Account Level Enhanced Safe Browsing and ensure that all devices are updated. Additionally, our CyberCrime Investigation Group is sharing relevant details and indicators with law enforcement.”

Huntley also shared the complete list of malicious domains blocked by Google while investigating the activity of hack-for-hire groups from India, Russia, and the UAE.

Google TAG’s team of security experts is also tracking a long list of state-backed and financially motivated threat actors, including dozens of surveillance vendors who sell their spyware to governments around the world.

“TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors,” Google TAG members Clement Lecigne and Christian Resell said recently.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us