Over the past half a year, BlackBerry’s Research and Intelligence team has been keeping a close eye on a cyber-espionage campaign that is targeting individuals around the world. Dubbed ‘CostaRicto’ by BlackBerry, the campaign seems to be run by 'hackers-for-hire', a group of skilled APT actors with bespoke malware tooling and complex VPN proxy and secure shell (SSH) tunneling capabilities...
When it comes to espionage campaigns, outsourcing the whole or even part of the campaign is a compelling proposition, particularly for businesses and individuals who are looking for inside information on their competitors but don’t necessarily have the skills, tools or experience to do this themselves. (and/or want plausible deniability) more
The use of cutouts is a popular and very effective spy tactic. Most corporate espionage (and competitive intelligence) is based on this method.
Pretext'ers, employment moles, buggers, blackmailers, aerial reconnaissance pilots, private investigators, and bribers are just a few of the EaaS types. Now, hackers join the list. The one thing they have
in common is stay invisible and don't get caught.
Thus, the victim never realizes they have been victimized.
Thus, only corporations with smart security directors conduct Technical Surveillance Countermeasures (TSCM) inspections, information security surveys and provide employees with counterespionage training.
