Google Issues Public Warning On Iranian State-Sponsored Hacking Group

As seen in CPO Magazine.

For some years now, Google has been issuing direct personal warnings to users that appear to have been targeted by a state-sponsored hacking group. The company has taken the unusual step of issuing a general public warning about one of these groups via its blog, due to a large-scale campaign targeting academics and international conference attendees.

Google warns that Advanced Persistent Threat Group 35 (APT35), thought to be associated with the Iranian government, has been active with phishing emails targeting specific groups as well as the placement of spyware apps on the Google Play Store.

APT35 keeps threat analysts busy in 2021

In the world of state-sponsored hacking, China and Russia are kings. The second tier, groups that are less sophisticated but very active and substantially dangerous, includes Iran’s threat actors. APT35 was considered unsophisticated when it was first identified, but has steadily grown in capability over the years. The group is best known for breaching HBO and leaking television episode scripts, and for targeting the email addresses of Donald Trump campaign staffers in 2020.

The group appears to be stepping up both the quality and number of its attacks this year. Edward Roberts, VP of Marketing of Neosec, notes that the attempts have a focus on exploiting vulnerable APIs: “This attack follows the trend that attacks are typically a sequence of tactics employed by the hacker. Increasingly, with the ubiquitous adoption of APIs by organizations, it is no surprise that APIs are one of the tactics used in these sophisticated attacks. We expect APIs to increasingly become the focus for bad actors.”

About Neosec

Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel. To learn more, visit Neosec.com.
