{"id":8647,"date":"2024-10-24T12:00:00","date_gmt":"2024-10-24T09:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/?p=8647"},"modified":"2026-06-14T19:41:26","modified_gmt":"2026-06-14T16:41:26","slug":"eset-research-podcast-cosmicbeetle","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2024\/10\/24\/eset-research-podcast-cosmicbeetle\/","title":{"rendered":"ESET Research Podcast: CosmicBeetle"},"content":{"rendered":"<p>Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the radar. Then there are threat actors like CosmicBeetle \u2013 they lack the necessary skill set, write crude malware, yet still compromise interesting targets, and achieve \u201cstealth\u201d by using odd, impractical and overcomplicated techniques.<\/p>\n<p>Our guest, ESET senior malware researcher <a href=\"https:\/\/www.welivesecurity.com\/en\/our-experts\/jakub-soucek\/\">Jakub Sou\u010dek<\/a>, talks about his investigation into CosmicBeetle\u2019s toolkit written in Delphi, and the fact that their malware is controlled via graphical user interface (GUI) with buttons and text fields necessary to set up, control and run any attack on victims\u2019 devices.<\/p>\n<p>Discussing further with ESET Research Podcast host and Distinguished Researcher <a href=\"https:\/\/www.welivesecurity.com\/en\/our-experts\/aryeh-goretsky\/\">Aryeh Goretsky<\/a>, Jakub shared his view of CosmicBeetle\u2019s encryption routine, information about their victimology, and details of their \u201cinvolvement\u201d with high-profile gangs such as LockBit and RansomHub.<\/p>\n<p>For details on how this crude and clumsy threat actor, whose malicious tools are \u201criddled with bugs\u201d, managed to penetrate any of its targets, listen to this ESET Research Podcast episode. 
To read more about activities of CosmicBeetle or other cybercriminal and state-aligned actors, follow ESET Research on <a href=\"https:\/\/twitter.com\/esetresearch\">X (formerly known as Twitter)<\/a> and check out our latest <a href=\"https:\/\/www.welivesecurity.com\/eset-research\/index.html\">blogposts<\/a> and <a href=\"https:\/\/www.welivesecurity.com\/white-papers\/index.html\">white papers<\/a>.<\/p>\n<p>If you like what you hear, subscribe for more on <a href=\"https:\/\/open.spotify.com\/show\/1WDjY2A3A3s5FKycrOVkhg\">Spotify<\/a>, <a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/eset-research-podcast\/id1596306608\">Apple Podcasts<\/a>, or <a href=\"https:\/\/esetresearch.podbean.com\/\">PodBean<\/a>.<\/p>\n<\/p>\n<p class=\"wls-source\"><a href=\"https:\/\/www.welivesecurity.com\/en\/podcasts\/eset-research-podcast-cosmicbeetle\/\" rel=\"nofollow noopener\" target=\"_blank\">Read the full analysis on WeLiveSecurity \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the 
world<\/p>\n","protected":false},"author":5,"featured_media":8648,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2914],"tags":[],"class_list":["post-8647","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-media"],"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=8647"}],"version-history":[{"count":1,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8647\/revisions"}],"predecessor-version":[{"id":9307,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8647\/revisions\/9307"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/8648"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=8647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=8647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=8647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}