A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. Dubbed “CostaRicto” by BlackBerry researchers, the campaign appears to be the handiwork of APT mercenaries who possess bespoke malware tooling and complex VPN proxy and SSH tunneling capabilities. The identities of the crooks behind the operation are still unknown, but one of the IP addresses to which the backdoor domains were registered has been linked to an earlier phishing campaign attributed to Russia-linked APT28.
Source: https://thehackernews.com/2020/11/uncovered-apt-hackers-for-hire-target.html

