A new group of cybercriminals is attacking SMEs, including in France, and is impersonating the much-feared Lockbit group to put pressure on victims.
A group of hackers, called CosmicBeetle, has been carrying out hacks for almost a year, posing as a gang feared in the cyber world. a report Published on September 10, 2024 by ESET, cybersecurity experts analyzed this increasingly aggressive group of criminals. ESET researchers note that hackers are mainly targeting small businesses in Asia and Europe, particularly in France.
To infiltrate their victim’s network, hackers use the now “old” brute force method, trying to find the password using machines that test millions of combinations. If the target is poorly secured – no two-factor authentication, no cybersecurity software – the criminals will be able to take control of an account and infect the system.
They also exploit vulnerabilities in popular software, such as WordPress, that companies have not updated. The hackers then launch ransomware attacks to paralyze the company’s operations.
Same darknet site as Lockbit hackers
To create fear in their victims, hackers pretend to be the Lockbit cybercriminal gang. The latter is behind famous attacks in France, such as those against the Corbeil-Essonnes hospital, the Nuxe cosmetics group or the Poste Mobile.
CosmicBeetle impersonates Lockbit in ransom messages sent to victims and has even replicated a site, identical to that of the high-profile hacking group, to display the names of the hacked companies.
ESET cannot yet reveal the origin of the hackers, however the malware used contained Turkish strings in its code. One thing is certain: the police operation against Lockbit has reduced the fear that this group inspired among other hackers.
Source: www.numerama.com
