ESET Research Podcast: CosmicBeetle

Cyber Security

ESET Research

Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world

ESET Research Podcast: CosmicBeetle

Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the radar. Then there are threat actors like CosmicBeetle – they lack the necessary skills set, write crude malware, yet still compromise interesting targets, and achieve “stealth” by using odd, impractical and overcomplicated techniques.

Our guest, ESET senior malware researcher Jakub Souček, talks about his investigation into CosmicBeetle’s toolkit written in Delphi, and the fact that their malware is controlled via graphical user interface (GUI) with buttons and text fields necessary to set up, control and run any attack on victims’ devices.

Discussing further with ESET Research Podcast host and Distinguished Researcher Aryeh Goretsky, Jakub shared his view of CosmicBeetle’s encryption routine, information about their victimology, and details of their “involvement” with high-profile gangs such as LockBit and RansomHub.

For details on how this crude and clumsy threat actor, whose malicious tools are “riddled with bugs”, achieved to penetrate any of its targets, listen to this ESET Research Podcast episode. To read more about activities of CosmicBeetle or other cybercriminal and state-aligned actors, follow ESET Research on X (formerly known as Twitter) and check out our latest blogposts and white papers.

If you like what you hear, subscribe for more on Spotify, Apple Podcasts, or PodBean.

Products You May Like

Articles You May Like

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist
Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
Palo Alto Networks Patches Critical Firewall Vulnerability

Leave a Reply

Your email address will not be published. Required fields are marked *