Google’s Threat Analysis Group (TAG) on Thursday said it’s tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021.
The warnings mark a 33% increase from 2020, with the spike largely stemming from “blocking an unusually large campaign from a Russian state sponsored hacking group known as APT28 or Fancy Bear.”
The figure includes groups engaged in both cyber-espionage operations, but also disinformation campaigns, Google said in a report today.
When attacks performed by these groups include phishing emails, Google said it also sends email alerts to the targeted Gmail users.
But even if APT28 was responsible for the largest attack this year, Bash said that another group was more active, namely APT35. Also tracked as Charming Kitten, APT 35, Newscaster, Ajax Security Team, Phosphorus, and Group 83, the group is believed to operate under the protection of the Iranian government.
“For years, this group has hijacked accounts, deployed malware, and used novel techniques to conduct espionage aligned with the interests of the Iranian government,” Bash added.