A new hacking group dubbed ‘Polonium’ has become highly active these days and is said to be targeting only Israeli firms with an aim to conduct espionage and steal intelligence. In June this year, Microsoft Threat Intelligence Center has issued a warning against the new APT group and now security researchers from security firm ESET have confirmed it as a ransomware and data wiping tools distributor.
In a sensational finding, ESET added in its report linking Polonium to Lebanon and operating with the control in the hands of Iranian intelligence. The threat group has been assigned the duty to target technology-based firms of Israel first and infiltrate their networks to conduct espionage.
Information is out that they are only interested in developing products and services and would aim to gain analysis of what the company’s R&D is busy with these days. And how they can gain entry into the research and find a footing in the project.
ESET published the same in its Virus Bulletin 2022 conference last month and reiterated the same in its October 11th release. According to the report, the said threat group is active since September 2021 and has targeted many companies functioning in engineering, IT, Communications, laws, manufacturing, media, insurance and those serving the transit sector.
The purpose of Polonium only hitting Isreal based firms is unknown yet. But some analysts say that the espionage campaign can be extended to other developed countries soon.
