Security News > 2020 > November > New stealthy hacker-for-hire group mimics state-backed attackers
A new mercenary hacker group tracked as CostaRicto by BlackBerry researchers is selling its services to entities requiring APT-level hacking expertise in cyber-espionage campaigns spanning the globe and targeting a multitude of industry sectors.
Their attacks focused on South Asia provides some hints at CostaRicto's base of operations from where they launch cyber-espionage campaigns on behalf of customers.
The group has been active since at least October 2019 based on their CostaRicto malware timestamps, although some of their payload stagers are as old as 2017 suggesting that they have been used in previous campaigns but for delivering other malicious payloads.
"Outsourcing an espionage campaign, or part of it, to a mercenary group might be very compelling, especially to businesses and individuals who seek intelligence on their competition yet may not have the required tooling, infrastructure, and experience to conduct an attack themselves," BlackBerry said.
"The toolset used in CostaRicto campaign consists of bespoke malware that appeared around October 2019 and has been rarely seen in the wild since. It appears to be private to this particular adversary," BlackBerry explains.