According to a post from Google’s Threat Analysis Group (TAG), the company blames Russian hacking group APT 28, also known as Fancy Bear. The group has been so prolific in its efforts that Google saw a 33% increase in attacks from this same time in 2020. Fancy Bear’s hacking strategy appears to be large-scale phishing and malware campaigns, and when an attempt is detected, Google immediately sends out a notification. The company does this to make sure the attackers don’t see their defensive strategy. If someone has gotten one of these warnings, it doesn’t mean they’ve been hacked, but rather that they are a target. In addition to the Russian group, TAG revealed it is tracking more than 270 state-backed hacking groups across 50 countries. Google also mentioned another hacking group known as APT35 from Iran, which it says is responsible for one of the more noteworthy hacking campaigns from this year. APT35’s usual activity is to phish for the credentials of “high-value accounts” found in government organizations, journalist groups, and national security, to name a few. TAG points out how far these groups will go to appear legitimate, since that makes it easier to trick users. Google recommends that users enable two-factor authentication or enroll in itsAdvanced Protection Program for added security.
