CostaRicto APT

Posted: November 13, 2020

CostaRicto APT Description

CostaRicto APT is a suspected criminal organization that is likely to work with clients from all around the world, as long as they can afford their services. This Advanced Persistent Threat (APT) group has been active for over a year, but their toolset and campaigns have been observed over the past six months thoroughly. So far, the CostaRicto APT has managed to reach networks worldwide, but the majority of their victims appear to be situated in Southeast Asia. However, remnants of CostaRicto's tools have been discovered on networks in Africa, Europe, Australia, and both Americas.

Cybersecurity experts believe that the CostaRicto APT actors do not have a particular agenda since their targets appear to be chosen on a random basis. Typically, such behavior is associated with hackers-for-hire organizations, which serve the needs of the highest bidders.

The CostaRicto APT is a Suspected Hacker-For-Hire Group Operating around the Entire World

The group relies on custom-built and public utilities to aid it in its threatening campaigns. Two of the most impressive tools to be used in their operations are the SombRAT and CostaBricks. The latter is a complicated Trojan loader that uses code virtualization to hide its purpose, while the former is a Remote Access Trojan (RAT) with a modular structure.

Experts note that the CostaRicto APT tools appear to be well-maintained, and the criminals are not planning to use them for one-off attacks, certainly. Instead, it is likely that the implants will continue to be improved and reused in future campaigns. The CostaRicto APT campaigns are still active as of November 2020, and only time will tell how much more mayhem they will cause in the future.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to CostaRicto APT may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.