Google’s Threat Analysis Group published a blog post describing the activities of hack-for-hire groups in India Russia, and the United Arab Emirates. The company has over 30 domains utilized by these groups to its Safe Browsing mechanism, which blocks users from having access to them.
Google has been tracking the threat actor linked to India since 2012. Some of its members are believed to have worked for offensive security providers in the past. They now seem to be operating for Rebsec, a new organization that advertises corporate espionage services openly.