Google’s Threat Analysis Group (TAG) has discovered a new and highly sophisticated hacking group that has been targeting governments and businesses around the world since at least 2021. The group, known as TA453, has been using novel techniques to evade detection and compromise systems, raising concerns about the evolving threat landscape and the growing capabilities of nation-state actors in cyberspace.
TA453’s primary targets have been in the United States, the United Kingdom, and the European Union, with a focus on government agencies, think tanks, and other organizations involved in international relations and foreign policy. The group’s activities are particularly concerning due to their ability to maintain persistence on compromised systems for extended periods, allowing them to gather sensitive information and conduct surveillance operations.
One of the most striking aspects of TA453’s operations is their use of custom-developed malware that leverages legitimate cloud services and open-source tools to evade detection and analysis. This approach, known as .