
Dark Web Hacker Group Targets South Asian Organizations

A new dark web hacker group has surfaced and is preying on targets in over a dozen countries around the world, according to recently published BlackBerry research. BlackBerry calls the hacker group, or hack-for-hire shop, “CostaRicto”; it is after South Asian targets, especially in Bangladesh, India and Singapore.

The hackers are not restricted to these countries: they are also targeting entities in the Americas, Africa, Europe and Australia, including in Austria, the Bahamas, Mozambique, France, Portugal and the Netherlands. The researchers shared this information in a blog post about the group.

It is not yet clear who exactly is in the hire-a-hacker group, but their modus operandi in the regions stated hints that they are possibly from South Asian countries, the researchers suggest. The researchers also say the group may be working on behalf of clients, based on its unique targeting and the characteristics of its toolset.

Their custom backdoor, dubbed SombRAT, is configured in an unusual way that hints it is intended to be upgraded and used over time. It can also be adapted to various targeting needs.

“The constant development, detailed versioning system and well-structured code that allows for easy functionality expansion — all suggest that the toolset is part of a long-term project, rather than a one-off campaign,” the researchers write in the blog, adding that the diverse set of targets suggests assignments from clients rather than a singular, directed espionage campaign.

The group actively steals its targets’ credentials in two ways: spear-phishing, or purchasing the credentials on the dark web, the researchers stated.

The researchers have been documenting various dark web hacker groups and hackers-for-hire entities. The “CostaRicto Mercenary Operation” is just one part of that documentation, and several others have been identified by now. A similar hire-a-hacker shop named Bahamut has been using malicious applications, software flaws and disinformation to surveil targets in South Asia and the Middle East, BlackBerry stated in previous research.

Other hacking groups have also come to light, such as the Indian cybersecurity firm BellTroX and a group of mercenary hackers who had been conducting cyber-operations on behalf of their clients. The researchers mentioned that government-supported actors and well-resourced businesses that are eager to hide their involvement in surveillance operations, or that lack hacking skills, are drawn towards these kinds of dark web hacker groups, hacking services and hacking forums.

“Outsourcing attacks or certain parts of the attack chain to unaffiliated mercenary groups has several advantages for the adversary — it saves their time and resources and simplifies the procedures, but most importantly it provides an additional layer of indirection, which helps to protect the real identity of the threat actor,” BlackBerry researchers write.

BlackBerry mentions that, like many other hire-a-hacker operations, this one seems to have been operational for over a few months. The earliest timestamps for the custom backdoor date back to October of last year. The payload stagers’ timestamps date back to 2017, which means that it has been operational for quite a long time.

Source: Cyber Scoop


Demarco Berry is a senior writer for Dark Web Link, covering security, privacy, information freedom, and hacker culture. Before coming to Dark Web Link, he worked as a senior writer for The New York magazine. Demarco has received his bachelor’s degree from Haverford College and a master’s degree from New York University’s business and economic reporting program.


