Security researchers from BlackBerry Research are tracking a cyberespionage group dubbed CostaRicto whose targets are unusually varied, indicating that it’s selling hacker-for-hire services to other entities. The group uses its own custom-built malware and a complex network of proxies, VPNs and SSH tunnels to hide its activity.
“Mercenary groups offering APT-style attacks are becoming more and more popular,” the BlackBerry researchers said in their report. “Their tactics, techniques, and procedures (TTPs) often resemble highly sophisticated state-sponsored campaigns, but the profiles and geography of their victims are far too diverse to be aligned with a single bad actor’s interests.”
