ESET Research Podcast: CosmicBeetle

Cyber Security

ESET Research

Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world

ESET Research Podcast: CosmicBeetle

Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the radar. Then there are threat actors like CosmicBeetle – they lack the necessary skills set, write crude malware, yet still compromise interesting targets, and achieve “stealth” by using odd, impractical and overcomplicated techniques.

Our guest, ESET senior malware researcher Jakub Souček, talks about his investigation into CosmicBeetle’s toolkit written in Delphi, and the fact that their malware is controlled via graphical user interface (GUI) with buttons and text fields necessary to set up, control and run any attack on victims’ devices.

Discussing further with ESET Research Podcast host and Distinguished Researcher Aryeh Goretsky, Jakub shared his view of CosmicBeetle’s encryption routine, information about their victimology, and details of their “involvement” with high-profile gangs such as LockBit and RansomHub.

For details on how this crude and clumsy threat actor, whose malicious tools are “riddled with bugs”, achieved to penetrate any of its targets, listen to this ESET Research Podcast episode. To read more about activities of CosmicBeetle or other cybercriminal and state-aligned actors, follow ESET Research on X (formerly known as Twitter) and check out our latest blogposts and white papers.

If you like what you hear, subscribe for more on Spotify, Apple Podcasts, or PodBean.

Products You May Like

Articles You May Like

US Organizations Still Using Kaspersky Products Despite Ban
Akira and RansomHub Surge as Ransomware Claims Reach All-Time High
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft

Leave a Reply

Your email address will not be published. Required fields are marked *